Cobalt Iron Secures Patent for Automatic, Dynamic Data Collection in Response to Detected Events and Conditions
Cobalt Iron Compass Named One of DCIG's TOP 3 Google Cloud Platform Cloud Backup Solutions
SmartSafe City Solutions Market to Soar Globally as Governments Increase Public Safety Measures
Top Three Ways to Drive Boardroom Engagement around Cybersecurity Strategy
V2X Market is Facing More Cyber Threats Than Ever
Now Available from Crowd Supply: Precursor, an Open Hardware Platform Offering Secure Communication Capabilities
Private calls between prisoners and their attorneys were leaked from an unprotected server
Microsoft Security Endpoint Threat Report 2019
Soliton Systems Announces Free Trial For New Secure Remote Access Soliton SecureDesktop
Neural Technologies becomes the world’s first Fraud Management System to Automatically Connect to RAG's Industry-Leading Wangiri Fraud Intelligen
-
SonicWall Boundless Cybersecurity Platform Swiftly Providing Remote Workforces with Secure Mobile Access, Defense in ‘New Business Norm’
SonicWall today announced a modern Boundless Cybersecurity model designed to protect and mobilize organizations, large enterprises, government agencies and small- and medium-sized businesses (SMBs) operating in a 'new business normal.' "What we are seeing is a heroic undertaking by organizations to quickly and efficiently provide security for an unexpected rise in a remote, mobile workforce that will permanently change the way they operate," said SonicWall President and CEO Bill Conner. "We are now living in the new business normal." SonicWall's Boundless Cybersecurity approach helps solve the cybersecurity business gap as workers prove to be less secure when working from home, leaving companies more exposed than ever. The platform delivers seamless protection that stops the most evasive cyberattacks across endless exposure points and increasingly remote, mobile and cloud-enabled workforces. "This profound business change will result in increased pressure to execute and deliver proactive, data-centric security protection that is always on, always learning and applies new methods of protection against today's most pervasive cyberattacks," said Conner. New Boundless Cybersecurity Model Complements, Accelerates Company's Record Performance IT departments are moving swiftly to operationalize in the new business normal while defending against threats across a range of attack vectors, including networks, email, mobile and remote access, cloud, SaaS applications, endpoints, IoT devices and Wi-Fi. SonicWall has seen record growth in Secure Mobile Access (SMA) hardware (+342%), SMA virtual appliances (+451%) and pooled licenses (+1,006%). "We have had a record number of inbound requests from verticals that range across the board, including enterprise, governments, K-12, higher education and healthcare," said SonicWall Chief Revenue Officer Bob VanKirk. "We are operating within a 'new normal' at SonicWall, with increased sales efficiency and sales effectiveness, as are our partners. Results are also showing organizations and end-users are embracing this model as well." As organizations work closer than ever with their security providers, the SonicWall SecureFirst partner program has seen an influx of 1,100 new additions since February 2020, bringing its total to more than 21,500 globally. SonicWall further helped enable partners, customers and prospects with a timely webinar, "How to Stay Operational During an Outbreak," which had record attendance across the globe. Solving the Cybersecurity Business Gap The current threat landscape is dramatically escalating risk, making the cost of conventional security prohibitive and the shortage of trained personnel more acute. Constrained budget and staffing resources can't keep up, creating a growing 'cybersecurity business gap' that is unbridgeable with conventional security approaches and resources. "We have been working closely with governments in sensitive areas as they go remote with the need for secure remote access by the thousands," said Conner. "Just like other organizations, they are asking themselves how best to protect the integrity of their operations when nearly 100% of their workforce is remote and mobile. This paradigm creates a growing 'cybersecurity business gap' where conventional security approaches and resources no longer make the cut." Securing Growing 'Boundless' Workforces As the global workforce shifts to work-from-home deployments, organizations are operationalizing a much larger group of remote users than ever imagined, making virtual private networks (VPNs) more critical than ever before. In fact, SonicWall has seen a 1,766% increase in VPN-SSL customers quarter-to-date. SonicWall addresses this new challenge with the scalability and flexibility of its Secure Mobile Access (SMA) series, which has experienced a 2,348% increase of user licenses since February 2020, and adds both security and performance characteristics in its latest release. In the latest product release, SonicWall announces that it has increased SMA 100 series capacity to support hundreds of concurrent remote users. Enterprises and MSSPs can scale upward of hundreds of thousands of users with the proven SMA 1000 series. Dynamic and short-term spike licensing options address any unforeseen events and disaster scenarios. SMA also enables users to leverage the economic and operational advantages of cloud platforms by launching their own virtual instances in private clouds based on VMWare or Microsoft Hyper-V, or in AWS or Microsoft Azure public cloud environments.
-
HID Global Unveils Signature Line of Readers, HID Signo; Unlocks A New World of Open, Connected and Adaptable Access Control
HID Global, a worldwide leader in trusted identity solutions, today announced the launch of HID® SignoTM, its signature line of readers that creates a new industry benchmark for the most adaptable, interoperable and secure approach to access control. The new readers dramatically simplify system deployment and management, meet the advanced security requirements of today’s dynamic environments and set organizations up for smarter, more connected access control. “With the industry now seeking to use access control systems as a backbone for creating intelligent environments, consultants, integrators and end users are increasingly demanding more versatile, high performance solutions,” said Harm Radstaak, Vice President and Managing Director of Physical Access Control Solutions, HID Global. “HID Signo is built on an open platform and delivers on our commitment to innovation with its unprecedented flexibility and robust set of forward-looking features that optimize workplace experiences. Our goal is to put more choices in the hands of our customers and give them peace of mind in knowing they can continually adapt their systems as requirements change.” For ultimate versatility, the readers are interoperable with over a dozen physical and mobile credential technologies so organizations can use their technology of choice and easily migrate to the latest solutions at their own pace. Additionally, with support for Apple's Enhanced Contactless Polling (ECP) to enable Student IDs in Apple Wallet, HID Signo is driving the next wave of flexibility and convenience with mobile access. HID’s new readers are packed with smart features, such as automatic surface detection that recalibrates and optimizes read performance based on the mounting location. For rugged, outdoor performance, the readers are also IP65 rated with no additional gasket needed, and feature a capacitive touch keypad resistant to harsh weather conditions. Transcending traditional access control HID Signo’s connectivity-by-design model empowers administrators to remotely configure and diagnose readers as well as monitor status through a centrally managed and connected reader ecosystem. Additionally, configuration can be further streamlined through the controller via the Open Supervised Device Protocol (OSDP). “HID’s novel approach to access control also lays the foundation for a future of cloud-connected systems that will enable new applications and innovative capabilities, such as the ability to proactively anticipate and address system issues before they occur,” Radstaak added. Delivering multi-layered security with built-in support for OSDP Secure Channel and HID’s proven Security Identity Object technology, the readers store cryptographic keys on certified EAL6+ secure element hardware and custom authentication keys can be used to further enhance security. HID’s patented velocity-checking feature also protects against brute force rapid electronic attacks. Availability The new line of HID Signo Readers is available through Advantage Partners in major markets worldwide, with a phased roll out in select regions.
-
HID Global Extends Passwordless FIDO2 Authentication Throughout the Workplace
HID Global, specialized in trusted identity solutions, today announced it will support the industry’s passworldless authentication initiative at RSA 2020 by demonstrating converged access solutions that extend zero trust security and FIDO2 authentication across the workplace in the physical and digital worlds. The company’s solutions, including smart cards, an expanded USB key family and an updated cloud-based credential management service, are among the first to help realize the industry’s vision for a passwordless future at the door and in hybrid IT environments spanning on-premise and cloud applications. “HID Global provides the industry’s only complete FIDO2 authentication solution for the workplace that provides a converged access experience from the door to on-premise IT systems and cloud resources,” said Brad Jarvis, Vice President & Managing Director of Identity & Access Management Solutions (IAMS) with HID Global. “Besides making it easier and more cost-effective to deploy FIDO2 on employees’ corporate ID badges and other form factors, we increase value with HID IdenTrust digital certificates that give authenticators signing and encryption capabilities for email and documents. Our goal is to help drive adoption of FIDO2-based passwordless authentication by extending its benefits throughout the workplace.” HID Global is announcing general availability of a USB-C option in its HID Crescendo© Key Series family at the conference. The Crescendo family supports passwordless authentication with an end-to-end approach to an organization’s workplace security. Key elements include: • Access convergence that bridges the physical and digital worlds: HID Crescendo 2300 Series converged smart cards and HID Crescendo Key Series authenticators streamline and increase security, accelerate return on FIDO2 deployment investments and plug vulnerability gaps in physical access systems and cyberspace. • Growing family of authenticator options: The Crescendo Key USB-C authenticator joins HID’s Crescendo Key USB-A device to provide an option for logical access option that also accepts a publicly trusted digital certificate. Users can digitally sign and encrypt emails, PDF documents and files without the need for complex public key infrastructure (PKI) solutions. • Centrally managed FIDO: HID Crescendo Series cards and keys are amongthe first supported by enterprise-class credential management, which simplifies tasks like resetting PINs without needing user service re-enrollment. The updated HID Credential Management Service now also issues and manages HID IdenTrust certificates on Crescendo Key USB-C devices.
-
HID Global Recognized as a Microsoft Security 20/20 Partner Awards Finalist in Identity Trailblazer Category
HID Global, a worldwide leader in trusted identity solutions, today announced it has been named a finalist in the Microsoft Security 20/20 program’s Identity Trailblazer category. The company was honored among a global field of top Microsoft partners for demonstrating excellence in innovation, integration, and customer implementation with Microsoft technology. “Being named an award finalist recognizes our work with Microsoft on helping fulfill its vision for using FIDO2 security keys to eliminate the risk of compromised usernames and passwords,” said Brad Jarvis, Vice President & Managing Director of Identity & Access Management Solutions (IAMS) with HID Global. “We have aligned our efforts with this Microsoft initiative to bring our customers a growing family of converged smart cards and keys that extend the benefits of passwordless FIDO2 authentication to provide users a single credential for access throughout the workplace, from the door to cloud and IT resources.” At the inaugural Microsoft Security 20/20 partner awards, the company will celebrate finalists in 16 categories that span security integration partners, system integrators and managed security service providers. HID Global has been nominated as an Identity Trailblazer finalist. “The themes for the new Microsoft Security 20/20 partner awards are vision and clarity. Microsoft Security is focused on protecting our customers and there is no vision for the future that doesn’t involve security partners,” said Rob Lefferts, CVP, Microsoft Threat Protection. “We are hosting the first Microsoft Security 20/20 partner awards gala to honor security partners that are making an impact through technology development and customer enablement.” Only through collaborations can organizations help customers get clarity and become more secure. The security ecosystem must work together to create a vision for the future where people, information, and companies are made safer. Microsoft Security 20/20 provides an opportunity to honor Microsoft partners that have developed and delivered exceptional Microsoft-based solutions and services during the past year. HID Global offers complete solutions for deploying and centrally managing FIDO2 authentication solutions in both the physical and digital worlds. Its Crescendo® 2300 Series converged smart cards and HID Crescendo Key Series authenticators are supported by the enterprise-class HID Credential Management Service and can be given digital signing and encryption capabilities using HID IdenTrust certificates that are recognized by all major operating systems and browsers.
-
Frost & Sullivan: Amid an evolving global risk landscape, Taiwan vendors redefine cybersecurity innovation
SINGAPORE - 3 December 2019 - The Industrial Technology Research Institute (ITRI), Taiwan, collaborated with Frost & Sullivan to develop a set of comprehensive case studies to showcase the region's brightest security innovators. "The cybersecurity industry has a history of developing homegrown solutions in Taiwan. Government initiatives have driven awareness and the development of cybersecurity solutions in recent years. The complex and sophisticated cyber attacks nowadays are fostering specialized, homegrown cybersecurity solutions in Taiwan," said Amy Lin, Industry Analyst, Cybersecurity, Frost & Sullivan. Taiwan already has fairly wide awareness and reach in the global IT hardware industry, contributing a sizable portion of the global cybersecurity hardware appliance market. Its expertise in the world of integrated device security and competitive advantage in hardware-software integration have given it a unique advantage in the security market amid the global proliferation of connected devices. This background enables vendors in Taiwan to gain proven skills in complex integrations and enhance their product suites by pairing with other best-of-breed hardware and software technologies. The Taiwan government has established a plan to invest around 400 million USD on cybersecurity from 2017 to 2020, to enhance the cybersecurity capabilities of the government. This investment expansion in local talent and technologies has allowed for a fast-paced, collaborative, and creative mix of both start-ups and incumbents. These vendors have moved out of security comfort zones, driving disruptions in greener pastures ranging from IoT and mobile device solutions to blockchain and artificial intelligence-powered technologies. Security solutions from key players like Onward Security, Lydsec, ARCRAN, CyCraft, WiSecure Technologies, Billows Technology, BlockChain Security, Ecolux, KeyXentic, and CHT Security have found wide adoption among the government, financial, and manufacturing sectors in Taiwan. While steadily increasing their market shares within home base Taiwan, these vendors have also been extending their flagship products' footprints to global markets in other parts of Southeast Asia and North America. Success Showcase The following customer stories showcase Taiwanese vendors' proven track record of building innovative and customized security solutions for their key customers: • ARCRAN's cybersecurity expertise focuses on providing IoT and Vehicle-to-Everything (V2X) security solutions through wireless signal detection. One of ArcRan's clients used the iSecMaster solution in its smart factory to reduce the signal-recognition misjudgment rate in their smart factories from a staggering 20% to less than 0.5%. • Billows Technology provides security solutions and services spanning two primary areas, audit management and security information and event management (SIEM). One of its clients, a premier local railway network, used Billows' solution to enhance its threat detection and reduce incident response time to ensure safer passenger journeys. • BlockChain Security has been providing blockchain, evidence preservation, and security forensic solutions for over 10 years. One of its law firm clients struggled with large volumes of complex document management and the resultant security needs; the BlockChain Witness platform successfully reduced its operational time from over 20 hours to about 10 minutes. • CHT Security is a leading managed security service provider (MSSP) in Taiwan but also provides broad solutions and products covering major aspects of enterprise security, such as network and endpoint security, professional services, and digital identity services. CHT Security used a homegrown red team assessment approach on its financial services client. The approach helped discover over 30 system flaws within only a week. • CyCraft focuses on AI-driven cyber resilience. Its CyCarrier's AIR platform automates SOC operations, forensics, detection, and response operations. When one of its clients was about to begin a critical acquisition, the platform was able to shorten the cybersecurity investigation from several months to just a few days, reducing investigation time, cost, and labor by over 99%. • ECOLUX's primary focus is on chipset firmware protection. Leveraging the AI-powered smart device security solution, the ECOLUX's AISP Home Guardian directly targets intrusion detection on smart devices, finding and blocking attacks immediately. The solution helped a major smart home specialist provide end-to-end device security on its smart lock products. • KeyXentic's products, the Keyxentic Token and Smart Terminal, apply biometric identification technology to replace traditional password-based services that make encryption easy and accessible. When its banking client was struggling to find an iOS-compatible vendor, KeyXentic came to the rescue with its Smart Terminal, securing the bank's extensive network of self-service iPads. • Lydsec's key solution, Keypasco, focuses on multifactor identity authentication that includes functionalities such as geolocation, device fingerprinting, two-channel structure identification, and PKI signing. A key financial service client using the vendor's Keypasco solution saved up to 70% in authentication costs. • Onward Security has a one-stop integrated suite of services and products for IoT, mobile devices, and network vulnerabilities. When one of its clients was struggling with maintaining security standards to mitigate key clients churn, Onward helped ramp up its product security standards and retained accounts worth $400 million. • WiSecure Technologies' product is the KeyVault Hardware Security Module. When its public sector client needed a secure communication layer, WiSECURE's μSD/X was able to integrate into Signal's cross-platform application, bulking up the client's SCA prevention strategy through cryptographic algorithms. Local vendors in Taiwan have curated a background of targeting highly specific business cases focused on discovering less known, complex attacks that other vendors are still not addressing. Given Taiwan's unique strengths, integrated hardware and software expertise, and innovation potential in Asia-Pacific, its local vendors are making significant inroads into the global security marketplace -- a space ripe for disruption.
-
Irdeto and VOXX Automotive Bring Simple and Secure Key Management to Fleet Owners
APAC – 29 October 2019 – Fleet owners, new car dealers and ride sharing companies are embracing digital transformation. The implementation of connectivity has provided numerous ways to solve real business pain points associated with car sharing. Lost keys, driver authentication and other challenges are quickly becoming a thing of the past. However, the lynchpin to successfully eliminating these challenges is security. With Irdeto and VOXX Automotive, fleet owners, dealers and ride share companies now have a simple and secure solution that gives their customers the power of vehicle access (including vehicle start and drive) and key management on their mobile device. The first-to-market solution combines Keystone by Irdeto with VOXX’s innovative eFob technology to enable new fleet business models for vehicle access and key management, by eliminating the need for the key and fob completely. An important value-added feature for consumers, eFob technology is also critical for fleet owners who want to implement innovative features such as no-key/no-fob vehicle start and drive, digital key sharing, tracking and controlling multi-user vehicles and more. However, fleet owners also know that security is crucial to enabling these features. Irdeto’s security expertise coupled with VOXX’s five-decades of delivering state-of-the-art technologies to the automotive OEM’s offers a premium key management solution with security built-in, ensuring that new fleet business models remain intact. “Continuing to innovate is critical in today’s highly competitive automotive market,” said Edward Mas, President, VOXX Automotive. “Consumers not only want the latest and greatest features and functionality, but they also want to control various car features through their mobile devices. VOXX is committed to developing next-generation technologies that bridge the gap between content, devices and connectivity. With over 50 years of innovation, we were looking for a like-minded company that shared our innovative spirit. Irdeto is the perfect partner, bringing its own 50 years of security innovation to enable new fleet business models as well as new car dealers and ride sharing companies.” Combining secure, tamper-proof policy management that prevents a multitude of potential vehicle hacks, Keystone is a secure system that allows vehicle owners to create and control policies around multi-user vehicle access, settings and usage. Irdeto utilizes its own security in-depth architectures, best practices and technologies to ensure that Keystone cannot be compromised. The solution also includes ECU-side functionality and cloud services, as well as a complete back-end management system with analytics. VOXX Automotive’s award-winning eFob technology provides fleet customers with control over all functions of traditional factory keyless entry/exit key fobs now available on most cars and trucks simply by approaching their vehicle with their smartphone. Together, these solutions provide the most secure and feature-rich key management solution on the market. “The importance of security in today’s digital world cannot be understated,” said Niels Haverkorn, General Manager of Connected Transport, Irdeto. “New fleet and connected car business models are revolutionizing the automotive space. However, if security is not built-in from the ground up then these innovative business models are destined to fail. VOXX Automotive recognizes this importance and by coming together we are making it easy for fleet owners, new car dealers and ride sharing companies to implement a secure and robust key management solution.”
-
The Quantum Internet Is Within Reach: Secure Communication Between Quantum Computers Implemented
An international team headed by physicists from the Technical University of Munich (TUM) has, for the first time ever, experimentally implemented secure quantum communication in the microwave band in a local quantum network. The new architecture represents a crucial step on the road to distributed quantum computing. As of yet, there are no universal quantum computers in the world. But for the first time, an international team led by TUM physicists Rudolf Gross, Frank Deppe and Kirill Fedorov has successfully implemented secure quantum communication in a local network – via a 35-centimeter superconducting cable. "We have thus laid the foundation for implementing quantum communication systems in the very important microwave range," says Rudolf Gross, professor of technical physics at the Technical University of Munich and director of the Walther-Meißner-Institute (WMI), where the experiments took place. "This is a milestone. This puts the quantum internet, based on superconducting circuits and microwave communications, within arm’s reach." Years of pioneering work Researchers at WMI have been pioneering the propagation of quantum microwaves for more than a decade. First, they had to prove that microwave radiation even has quantum mechanical properties. Unlike with visible light, this was extremely challenging from a technical point of view, due to the low energy of the microwave photons. To eliminate interferences, the experiments were done at temperatures near absolute zero. Using special cooling devices, the physicists ultimately succeeded in demonstrating the principle of entanglement in the microwave range, an important prerequisite for reliable quantum communication. Wiretapping-proof protocol using entanglement The physicists’ current work brings them one step closer to the actual application: "Quantum Remote State Preparation," as they call their communication protocol. A quantum state can be set at a remote location without sending anything directly. The concept can be visualized as follows: Two people, let's call them Alice and Bob, are in two different places. While a bit is the smallest piece of information in classical informatics, in quantum communication it is a quantum state. Now, if Alice wants to send Bob a piece of information, both are given part of an entangled quantum mechanical state. Alice then does a measurement on her part of the state and transmits the result to Bob via classical means. Bob, in turn, performs a result-dependent operation on his part of the entangled state, thereby obtaining the quantum state that Alice wants to communicate to him. The classically transmitted measurement result is of no use to any third party since they will not have the entangled state. This makes communications via this protocol absolutely immune to wiretapping. Information transmission using squeezed waves The researchers use a so-called squeezed microwave state as the quantum state. This is a special manifestation of an electromagnetic wave that can only be explained with quantum mechanics. Here, a wave’s vacuum fluctuations are suppressed in one plane and amplified in the plane perpendicular to the first. Two such squeezed states can be used to produce an entangled state. The physicists developed this technique and other important details, such as superconducting quantum circuits, at the Walther-Meißner-Institute in Garching. Seven-meter, cooled quantum cable The new concept could trigger a revolutionary development. "The experimental implementation of secure quantum communication in the microwave domain is an important step towards distributed quantum computing," says Frank Deppe, WMI coordinator of the European flagship project Quantum Microwave Communication and Sensing (QMiCS). The TUM physicists also believe that significantly longer distances are possible between quantum computers. Here, one challenge will be to develop and measure several meters of cooled quantum cables. "In the context of QMiCS, we are already working on extending the distance to seven meters," says Gross. "This puts networking of superconducting quantum computers within reach."
-
Radiflow and Asset Guardian introduce joint solution to enrich industrial asset monitoring and risk assessment
Mahwah, NJ and Livingston, UK (October 2x, 2019) – Radiflow, a leading provider of cybersecurity solutions for industrial automation networks, and Asset Guardian, a dedicated provider of leading edge protection for process control and industrial software, today jointly announced that the two companies have launched a joint solution to expand industrial asset monitoring, change management and risk assessment capabilities for industrial enterprises. Asset Guardian’s change management solution manages software and hardware configurations of industrial automation and controls systems. The Asset Guardian technology manages PLC, DCS and HMI/SCADA software assets and provides a single point of reference for current asset information, including operational status, location and controller logic versions. Radiflow’s iSID industrial threat detection system provides real-time visibility of networked industrial assets, ports and protocols on an OT network. By passively analyzing all data traffic, iSID can detect in real-time and counteract abnormal network activity, such as abnormal network access or asset changes and changes in the sequence of SCADA processes. In this new integrated solution, iSID’s asset inventory now incorporates the asset information stored in the Asset Guardian database, including the detailed asset information that is not available from traffic monitoring. With this new detailed asset information from Asset Guardian, such as logic version, ownership, geo-location and more, the result is a far more granular risk score calculated by iSID for each asset. Changes to assets, such as new firmware or PLC logic, are detected on the network in real-time by iSID and sent to Asset Guardian for verification, authorization and validation against the ‘golden image’ of the binary stored in the Asset Guardian database. “Our Integrated and comprehensive joint platform solution capability will provide greater insight, clarity and security to our global customer base to help protect the integrity of their OT ICS assets against ever increasing cyber threats to safeguard operational resilience, govern compliance, standards, security and deliver effective management of change and disaster recovery,” explained Ewan McAllister, CEO of Asset Guardian Solutions. “Our integration and joint offering with Asset Guardian will provide a higher level of OT asset monitoring and risk assessment,” said Rani Kehat, Vice President of Business Development at Radiflow. “These are key enhancements that will enrich our industrial enterprise customers with greater operational management value.” Radiflow will be demonstrating its joint solution with Asset Guardian this week at the Industrial Control Systems Cyber Security Conference in Atlanta, United States. Radiflow is currently scheduling demonstration of its joint solution with Asset Guardian. In addition, to learn more, please visit Radiflow’s web site to watch a new video about the joint Radiflow-Asset Guardian solution.
-
Internet Society’s Online Trust Alliance Reports Cyber Incidents Cost $45B in 2018
The Internet Society's Online Trust Alliance (OTA), which identifies and promotes security and privacy best practices that build consumer confidence in the Internet, today released its Cyber Incident & Breach Trends Report. The report found the financial impact of ransomware rose by 60%, losses from business email compromise (BEC) doubled, and cryptojacking incidents more than tripled, all despite the fact that overall breaches and exposed records were down in 2018. The data shows that cybercriminals are getting better at monetizing their activities, with OTA estimating the more than 2 million cyber incidents in 2018 resulted in over $45 billion in losses, with the actual numbers expected to be much higher as many cyber incidents are never reported. "While it's tempting to celebrate a decreasing number of breaches overall, the findings of our report are grim," said Jeff Wilbur, technical director of the Internet Society's Online Trust Alliance. "The financial impact of cybercrime is up significantly and cyber criminals are becoming more skilled at profiting from their attacks. So, while there may be fewer data breaches, the number of cyber incidents and their financial impact is far greater than we've seen in the past." In the report, OTA noted a steep rise in cyber incidents like supply chain attacks, Business Email Compromise (BEC) and cryptojacking. Some attack types, such as ransomware, are not new but continue to be lucrative for criminals. Others, such as cryptojacking, show that criminals are shifting their focus to new targets. Some of the top trends from the Cyber Incident & Breach Trends Report are listed below. - Rise of Cryptocurrency Breeds New Cyber Criminals In conjunction with the increasing prevalence of cryptocurrency comes the rise of cryptojacking, which tripled in 2018. This is a specific type of attack aimed at hijacking devices to harness computer power at scale to efficiently mine cryptocurrency. OTA believes these incidents are increasingly attractive to criminals as they represent a direct path from infiltration to income, and are difficult to detect. - Deceptive Email Though well-known as an attack vector, Business Email Compromise (BEC) doubled in 2018, resulting in $1.3 billion in losses as employees were deceived into sending funds or gift cards to attackers who use email to impersonate vendors or executives. Many companies are reacting by clearly labeling all emails that originate outside the organization's network. - Attacks via Third Parties Supply chain attacks -- wherein attackers infiltrate via third-party website content, vendors' software or third-parties' credentials -- were not new in 2018 (similar past exploits include Target in 2013, CCleaner and Not Petya in 2017), but they continue to proliferate and morph. The most notable 2018 attack was Magecart, which infected the payment forms on more than 6,400 e-commerce sites worldwide. The OTA report compiled external sources that estimated a 78% increase in these types of attacks in 2018, with two-thirds of organizations having experienced an attack at an average cost of $1.1 million, and estimates that half of all cyber attacks involve the supply chain. - Governments Under Attack While the total number of ransomware attacks was down in 2018, the OTA report noted a troubling rise in reported ransomware attacks against state and local governments in 2018 and early 2019. Breaches targeting the cities of Baltimore and Atlanta led to the disruption of many government services and the rebuilding of entire network structures. Local governments are particularly vulnerable given that they often rely on outdated technology and are running old software and operating systems. - Issues in the Cloud While also not new, 2018 brought a rash of sensitive data being left open to the Internet due to misconfigured cloud services. Given the number of businesses that rely on companies like Amazon, Google, and Microsoft for some or all of their cloud needs, it is increasingly important to ensure cloud storage is secure. The report noted that one common problem with cloud computing isn't even a true "attack", but user error. Configuring data storage correctly is the responsibility of the data's owner, not of the cloud service and it's often improperly done. - Credential Stuffing Rises OTA found an increase in credential stuffing in 2018, an attack type that recently gained prominence. Given that there are now more than 2.2 billion breached credentials in play and users often rely on identical logins across services, attackers are harnessing ultra-fast computers and known username/password pairs or commonly used passwords to gain access directly to accounts across a wide range of industries. Several high-profile attacks occurred in 2018, and though many were initially believed to be breaches, they turned out to be brute-force credential attacks.
-
Versa Networks Achieves NSS Labs Recommended Rating in the 2019SD-WAN Group Test with its Security-Enabled SD-WAN
Versa Networks innovator of the Secure Cloud IP platform announced that NSS Labs, Inc., a global leader and trusted source for independent, fact-based Cybersecurity and SD-WAN guidance, has received the Recommended rating from NSS Labs in its 2019 Software-Defined Wide Area Network (SD-WAN) Group test. Versa is one of only two vendors who have received the Recommended rating to undergo testing of its built-in protection against network-delivered exploitation capabilities. The NSS Labs group test findings accentuated what customers discover and report about Versa Networks’ exceptional user experience and lower total cost of ownership (TCO) with security enabled. NSS Labs clients are exploring the security readiness of SD-WAN products, motivated primarily by a desire to offload traffic via public Internet access at the branch. The NSS Labs test was designed to add clarity to the definition of WAN security, which varies by SD-WAN vendors who are referencing encrypted links, antithreat capabilities or full stack solutions (next-generation firewall). NSS Labs structured the SD-WAN test according to three dimensions: Highest quality of experience for VoIP and Video, lowest total cost of ownership, and protection against network-delivered exploitation: • Low TCO: The Versa SD-WAN solution delivered the lowest TCO per Mbps of secured SD-WAN throughput. • High quality of experience for VoIP and Video: NSS Labs tested Versa’s solution under very difficult network conditions of packet loss, jitter and latency. The Versa SD-WAN solution delivered very high MOS scores and application quality of experience standards for voice and video applications. • Protection against network-delivered exploitation capabilities: SD-WAN is commonly used by enterprises for better SaaS and multi-cloud application experience using direct internet connectivity, which increases vulnerability to attack. The Versa SD-WAN solution has been designed from the ground up with security in mind, such as embedded NGFW that blocks threats at the branch more effectively, along with robust web security services. In NSS Labs’ test of protection against network-delivered exploitation capabilities, Versa achieved a 99.2% exploit block rate and a 100% score in stability and reliability. Versa has now scored a Recommended rating in both the SD-WAN and NGFW tests by NSS Labs. Key to the NSS Labs test criteria were leveraging unbiased data to establish verifiable vendor differentiation, which in a crowded vendor landscape like SD-WAN puts a premium on empirical evidence to affirm selection or inform customers. TCO is a major factor to consider, given the prospect of operational savings from introducing transport diversity, such as broadband Internet, and a simplified deployment model eliminating onsite technical support ( ZTP or Zero Touch Provisioning). In addition, efficiency metrics were important considerations since the number of WAN links within enterprises can reach into the hundreds and even thousands. Without SD-WAN, managing traffic behaviors and priorities across a large, distributed infrastructure is an immense task, and thus SD-WAN offers a simpler operational model to more easily adapt, tune and control traffic patterns centrally. Another key imperative the NSS Labs test incorporated was application awareness and application user experience quality, which allows for core applications to be traffic-engineered and customized on-demand based on dynamic network characteristics and security policy objectives. Versa’s Secure Cloud IP solution enables enterprises to deploy a secure SD-WAN fabric for their branch network and better manage WAN costs while simplifying operations, enhancing network resiliency and improving application performance. Versa’s solution integrates routing, networking services, SD-WAN and critical security functions like NGFW and unified threat management (UTM) that also serve to consolidate multiple appliances into a single platform. Versa’s unique solution provides full multi-tenancy, multiple deployment options, ZTP and multi-cloud extensibility to enable enterprises to seamlessly drop in next-generation technology for fast WAN transformation. “Versa’s proven technology is the best technical solution with the best value. We focused on integrating security into our product when we started the company and today are known for having the best SD-WAN solution with built-in security. In this NSS Labs test, while other vendors either chose to test without security or lacked the necessary capabilities to be tested per the NSS Labs SD-WAN 2.0 methodology, Versa’s architecture performed exceedingly well, demonstrating our built from the ground up, embedded security services at a lower cost per bit,” said Kumar Mehta, co-founder and CDO, Versa Networks. “We believe the NSS Labs results strengthen the market leadership position Versa has garnered already with our unique solution and enterprises should feel confident that with Versa they get the best scale, quality, performance and feature/functionality, including enterprise-grade security, with all critical branch services running in a unified, flexible software platform.”
-
QNAP Announces Limited-Time Special Offer of McAfee Antivirus for QNAP NAS at Computex 2019
QNAP® Systems, Inc. today announced a limited-time special offer of McAfee® Antivirus for QNAP NAS systems. With a subscription to McAfee Antivirus, QNAP users can ensure their data stays protected from viruses, heal currently-infected files, prevent viruses spreading through file sharing, and receive the latest definitions to combat present & future virus threats. A one-year subscription to McAfee Antivirus is now available for $8.99 (normally $25.00), two years for $13.99 (normally $50.00), and three years for $18.99 (all prices in United States Dollars). A free 30-day trial is also available for QNAP NAS users. This special offer is valid till June 28, 2019. “McAfee Antivirus provides dependable protection for users to defend against current and emerging virus threats in digital and networked environments,” said Meiji Chang, General Manager of QNAP, continuing “By taking advantage of this limited-time special offer, QNAP NAS users can ensure their files and data are well protected.” “McAfee delivers modern cybersecurity solutions to provide trusted endpoint protection,” said Tom Moore, Vice President of Global OEM of McAfee, adding “We encourage QNAP users to take this chance to plan their cybersecurity solution for antivirus protection both online and offline.” - Availability McAfee Antivirus is available from the QTS App Center on QNAP NAS. For more information and to subscribe to the McAfee Antivirus service, users can visit the QNAP License Store website.
-
InfiNet Wireless partners with Maicrotel SAS to complete major security overhaul at South American port
InfiNet Wireless, the global leader in fixed broadband wireless connectivity, has successfully completed a radical overhaul of a local port security system in South America. Puerto de Mamonal, Cartagena, Columbia, has become the first sea terminal to adopt InfiNet Wireless technology as part of a project to showcase the diverse range of environments it can operate in. In partnering with Colombian communications solutions provider, Maicrotel SAS (Maicrotel), InfiNet Wireless technology successfully delivered a comprehensive modern wireless solution to enhance the security measures of the port. The solution entailed an InfiNet Wireless point-to-multipoint network, with security cameras, cabinets, transmission radios, data security and Wi-Fi network transmission. The monitoring of and provision of security of the port’s 310,000 m2 territory, was extensively enhanced by the solution, which covered more than 240,000 m2 of storage area used for many types of merchandise. Due to the sensitive nature of the port’s operations and the commercial value of the diverse range of goods handled on-site, it was of the utmost importance that an effective CCTV system was implemented to control the operations inside the port and to monitor the handling of merchandise. “The port security staff have been highly impressed by the system – the wireless solution delivers all of the closed-circuit audio and video data from the port to the control center 24 hours a day,” said José Arsenio Galvis, head of Puerto de Mamonal. “We have had a timely response and the result of the implementation has been impeccable. It has allowed us to have a reliable control system, in addition to complying with the safety regulations that underpin the effective operation of the port terminal.” “InfiNet Wireless’ security system has also given the port the confidence to expand its area of operations and further investment in this state-of-the-art solution to safeguard the port is expected,” added Galvis. By enabling the monitoring of the handling and logistics of the merchandise, control staff had the tools to prevent theft and drug trafficking in the terminal. This system is made up of technological solutions such as radios, cameras and data, making it easy to monitor movements and the handling of merchandise from the control center. A system of physical protection and data protection was installed, with optimal connectivity, to safeguard port activity. This includes a video surveillance system, the design of which was tailored to cater the critical conditions of the management and the processing of goods. “This successful implementation at Puerto de Mamonal demonstrates the immense versatility of InfiNet Wireless’ solutions to operate in a variety of markets and conditions,” said Carlos de Lamadrid, head of LATAM region at InfiNet Wireless. “Given that this was the first time deploying our solutions at a seaport, the transition was seamless, and the operational efficiency has been flawless since. We look forward to seeing more projects like this rolled out in the future and for new regions around the world to benefit from what we have to offer.”
-
HID Global Teams with The World’s Top Turnstile Manufacturers to Bring Mobile Access to Lobby Security
HID Global, today announced that it has teamed up with six of the world’s top turnstile manufacturers who have tested and certified HID’s Mobile Access® as part of their commitment to a mobile future. Major turnstile manufactures exhibiting at this year’s ISC West exhibition, namely Alvarado, Automatic Systems, Boon Edam, Gunnebo, Orion Entrance Control and Smarter Security, have integrated the new Essex Electronics iROX-T with embedded iCLASS SE® technology from HID. Each company will showcase mobile access in their booths to illustrate how mobile is upping the convenience factor at the turnstile. “Leveraging mobile and cloud technologies at every access point, from turnstiles and elevators to doors, is a crucial part of creating a truly connected security experience in today’s smart building,” said Michael Chaudoin, Vice President of Product Management and Marketing, Extended Access Technologies business unit with HID Global. “HID Global and Essex Electronics are making this vision real by solving the challenge of increasing turnstile security with a solution that enables secure access using credentials provisioned to a user’s mobile phone. This will help people move more efficiently through the hustle and bustle of busy building lobbies.” Already certified with the six turnstile manufacturers, the Essex Electronics iROX-T reader with HID’s embedded iCLASS SE® technology supports Bluetooth Low Energy (BLE) and Near Field Communications (NFC) for mobile access and optional OSDP for secure communications. It is also interoperable with smart cards, HID’s 13.56MHz Seos® credentials, iCLASS SE, iCLASS®, and other high frequency formats. Garrett Kaufman, President of Essex Electronics, added, “Building on our successful launch of the iRox-T, the latest integration of BLE, NFC and OSDP illustrates the reader’s ability to streamline upgrades in order to meet the demands of today’s mixed credential environment that is increasingly incorporating mobile IDs on smartphones.” See HID Mobile Access in action at ISC West 2019 Visit HID Global in Booth #11063 and the following turnstile manufacturers to see live demonstrations of HID Mobile Access at ISC West from April 10-12, 2019 at the Sands Expo in Las Vegas. Alvarado Booth #12101 Automatic Systems Booth #2065 Boon Edam Booth #8037 Gunnebo Booth #4077 Orion Entrance Control Booth #5065 Smarter Security Booth #21117
-
‘Ransomware’ and ‘Cryptojacking’ Mining Cryptocurrency Declined, While ‘Formjacking’ Stealing Credit Card Information Increased
Cybercriminals are always wondering about get-rich-quick schemes, that is, how much money they can earn quickly. Cybercriminals have been using cryptojacking to mine cryptocurrency and ransomware to demand money. Recently, however, they are turning their attention to formjacking, a method of stealing credit card information. Cryptojacking, which is the most common way for cybercriminals, is the process of mining cryptocurrency using the processing power of the target computer and cloud CPU usage. With the attention of bitcoin, the notion of cryptocurrency has attracted great popularity. In addition, cybercriminals favored the cryptojacking technique of extracting cryptocurrency by planting malicious codes. However, according to a recent ISTR report released by Symantec, the value of the cryptocurrency ‘Monero(XMR)’ has fallen to 90%, and the cryptojacking peaked at the beginning of 2018, but showed a 52% decline throughout the year. As the adoption of cloud and mobile computing has increased, both the effectiveness of attacks and the profit have fallen. However, cryptojacking should not be ignored as it is still attracting attackers with low entry barriers, minimal overhead and guaranteed anonymity. At the same time, ransomware also shows a decline in overall attack activity and in profit. The number of infections by ransomware fell 20% last year, down for the first time since 2013. However, in 2018, the number of ransomware attacks against enterprises has risen by 12%, showing a contradiction to the overall downturn, which is a constant threat to them. In fact, more than eight out of ten ransomware infections are affecting the enterprises. Furthermore, the ransomware is evolving. Ransomware is mainly targeting enterprises through e-mail with office files. The reason why enterprises are targeted is that they typically use Windows, do not back up important files well, and there will be a lot of profit when the attack succeeds. The certain ransomware families, such as a wanted SamSam, usually attack with a lot of ‘PowerShell’ scripts and mainly target medical institutions and local governments. In 2018, they already attacked at least 67 agencies, and the amount of extortion is estimated to reach $6 million. According to the latest annual report of the IBM X-Force security research, the number of cryptojacking is more than double that of ransomware, as the ransomware attacks were greatly reduced last year. While the attempts to install ransomware on devices in the fourth quarter of last year were declined 45% from the first quarter, the increasing rate of cryptojacking attacks grew to 450%. The industries that received the most cyber-attacks include finance (19%), transportation (13%), service (12%), distribution (11%), and manufacturing (10%). ▲ Cryptojacking is on the decline, but it cannot be ignored. As cryptojacking and ransomware are slowing down, a new form of crime has emerged among cybercriminals, which is ‘Formjacking’. Formjacking is a virtual ATM skimming that steals financial and personal information of individual users through card information and credit card fraud on online purchasing sites. According to Symantec’s reports, on average, over 4,800 websites appear to be infected with formjacking codes every month. It is estimated that cybercriminals will make at least tens of millions of dollars in revenue in 2018 in underground markets such as ‘Dark Web’. Information that was hijacked by formjacking is sold for up to $45 for one credit card. In the case of British Air, where more than 380,000 pieces of credit card information were leaked, the offenders are expected to earn more than $17 million. Individual users cannot know whether visited online sites are infected without using a security solution, so their risk of identity theft and personal and financial information are likely to be exposed. For companies, the risk of attacking the supply chain as well as the risk of reputation or legal liability experienced during infection is increasing. Formjacking, which is continuously on the rise, is expected to continue in 2019 and beyond. Cybercriminals are constantly intellectualizing and diversifying their methods of attack. Cryptojacking, which has been crammed with cryptocurrency, but the attack rate has fallen by 52% when the value and attack effect have fallen, and also ransomware has an attack pattern concentrated on enterprises that suffer greater than individuals. Though the attack has diminished, cybercriminals have evolved to develop more intelligent techniques and to use various other methods, such as formjacking, to launch various attacks. In addition, the number of formjacking has increased, making cybercrimes more likely to occur to ordinary users who are not related to cryptocurrency or enterprise computers. Even ordinary users who have been excluded from the target cannot easily know whether they have been infected after making a payment on their website. In the United States, the structure of online shopping is easy and fast based on JavaScript, making it easy for cybercriminals to do formjacking. Korea seems to be relatively safe because it has a different payment method and does not use JavaScript, but it has to be noted that recently cases of overseas direct purchase have increased and damage cases are increasing rapidly as well. As the attacking method is becoming more intelligent and diverse, users are advised to recognize and prevent the danger. In addition to the aforementioned cryptojacking, ransomware and formjacking, in 2019, security will be important in various aspects such as clouds, 5G and IoT devices. Users need to avoid crybercrimes as intelligent as the cyberciminals through improving their security awareness and getting more comprehensive training on threat limitations and corrective actions. ▲ Formjacking is emerging as a new information extortion method.
-
telent and Innaxys launch first UK-centric digital evidence management solution to cut police costs and increase conviction rates
telent today launched a pioneering digital evidence management solution which could potentially save police forces millions of pounds per year. Jointly developed with UK-based specialist policing software application provider Innaxys and in conjunction with emergency services across the country, telent’s digital evidence management solution is designed to specifically meet the needs of UK police forces. It provides 100% UK sovereignty of the storage of digital evidence with all data encrypted and held securely on telent’s Public Services Network (PSN) accredited and UK-based cloud platform. Addressing the increase in digital evidence, such as CCTV footage, photos and videos recorded by the public, and body camera and dashcam clips, the solution will significantly reduce the time officers spend physically collecting CCTV images and enable faster analysis and processing of evidence. Police forces will also be able to securely share evidence with the criminal justice system to ensure evidence cannot be misplaced, lost or damaged, reducing court case adjournments and delays. A proof of concept has already been successfully delivered, with the first live deployment currently in the final stages of user acceptance testing ahead of its planned go live date later this year. While specific cost savings will be proportional to the size of individual police forces, a medium sized force has estimated that the solution will save 2,100 officer shifts per annum. The same force also believes a 50% reduction in court case adjournments can be achieved through the solution’s secure sharing of digital evidence. “Jointly with Innaxys we have developed this solution in consultation with UK police forces specifically to address the challenges faced by officers collecting data in the modern policing age where there has been a huge increase in public and business CCTV use,” said Barry Zielinski, General Manager Public Safety & Defence at telent. “This is combined with a proliferation of smartphones, dash cams, social media and body worn cameras, creating both opportunities and challenges for policing. This solution helps officers efficiently collect, manage, store and share these new digital evidence sources. It will save officer time collecting images, reduce court case adjournments and ensure the security of digital evidence by eliminating the risk of it being destroyed, tampered with, lost or even left in public places.” telent’s solution follows the CoPaCC/Police ICT User Perspectives 2018 report, which is based on a survey across UK police forces. This research highlights concerns regarding the management of digital evidence, stating that urgent action is required to manage the proliferation of digital evidence and replace current time consuming and insecure processes. The solution is available via a national police procurement framework and forces which choose to use the solution will be provided with management options for each digital asset or piece of evidence, including who has access, how long they have access, and what metadata about the evidence is shared. When collecting evidence from members of the public, the force can email a link which lets people securely upload their footage from anywhere with an Internet connection. The solution also integrates directly with the Digital Evidence Transfer System (DETS) which will link police forces to the criminal justice system. DETS was also developed by Innaxys and is currently being trialled by the Home Office in conjunction with five police forces across the UK. It is expected to be mandated by the Home Office for use by all police forces in 2020. Jean-Claude Lafontaine, CEO at Innaxys, said: “Through the digital evidence management solution, the time and cost of collecting evidence from the public is massively reduced. Such a system will become more and more necessary in the future, as digital evidence continues to grow and officer resources are put under increasing strain.” Additional key benefits of telent’s digital evidence management solution include faster processing and sharing of digital evidence with suspects which will reduce “no comment” interviews and ensure criminals are brought to justice faster. Providing more efficient analysis and management of digital assets is particularly important for larger and complex investigations. Simple crowd sourcing of phone and dash cam images for both minor incidents and major terrorism incidents will also be made possible, while police forces’ reputation will be protected due to the solution eliminating the risk of digital evidence being destroyed, tampered with, lost or left in public places. “In the context of legacy IT systems, budget cuts and increasing demand for frontline policing, this solution is exactly what’s required to ensure that the UK’s police forces have a cost-effective solution that will them see them well into the future and supplement the incredible work that they do,” added Barry Zielinski at telent.
-
Ziften Announces Rapid Adoption of its Cloud-Delivered Endpoint Protection Plus Visibility and Hardening Platform (EPP+)
Ziften, a leader in endpoint protection plus visibility and hardening, today announced the rapid adoption of its EPP+ platform. Ziften is the first cyber-security platform that provides one agent for all endpoints – laptops, desktops, servers and cloud – preventing a full-range of cyber-attacks by addressing all 3 phases of the endpoint security continuum – attack protection; threat analysis, response and remediation; and proactive endpoint posture hardening and hygiene. Enterprise security buyers have quickly recognized the value of this full continuum EPP+ approach which is fueling Ziften’s business successes in 2018 and now into 2019, including: 130% increase in monthly sales velocity – for the 2H of 2018, after its August EPP+ product release. 100% growth in 3-year purchase agreements – for the 2H of 2018 as enterprise customers lock into longer term EPP+ contracts. Rapid upturn in early 2019 channel led sales – through indirect resellers, managed security service providers, and OEM arrangements. “As a strategic IT planning and security solutions provider, we’re thrilled to include the Ziften Zenith endpoint protection suite of capabilities into our offering for our customers”, said Jon Craig, Chief Information Security Officer, Black Bottle Security. “Ziften’s endpoint protection plus full visibility is an absolute differentiator and allows us to deliver a full-set of endpoint security capabilities with a single agent for all our customers’ endpoints including Windows, Mac and Linux.” Additionally, Ziften is participating at the RSA Conference at the Moscone Center in San Francisco this week and will be: Providing demonstrations of its EPP+ platform at booth #1149 in the South Hall. Jointly presenting on “The Lost Boys: How Linux and Mac Intersect in a Windows-Centric Security World” with German IT services and solutions partner Sepago, on Wednesday, Mar 06 at 01:30 - 02:20 P.M. in Moscone West 3001. "We’re thrilled to see the quick uptick in customer acceptance of our new EPP+ endpoint security model”, said Mike Hamilton, Chief Executive Officer, Ziften. “I believe Ziften’s the only endpoint security vendor to provide full-featured endpoint protection plus continuous endpoint monitoring and posture hardening. And although our focus on process, technology and discipline is now paying off for Ziften, we have more exciting announcements to come and continue to be hyper-focused on accelerating our innovation for our customers, partners and service providers.”
-
JASK Enhances Multi-Cloud Monitoring Capabilities in ASOC Platform
JASK today announced new dynamic multi-cloud visibility and workload monitoring features that extend its leadership position as the market’s first cloud-native SIEM. The enhanced capabilities include advanced analytics expressly designed to process the constantly changing, high-volume data unique to AWS and Microsoft Azure cloud environments. JASK will demonstrate these capabilities at RSA Conference in San Francisco, March 4-8, 2019. JASK is a SIEM in the cloud, for the cloud. The ASOC platform was built in AWS by some of the world’s foremost architects in cloud-native development, including Rob Fry, VP of Engineering at JASK and former lead architect for cloud security at Netflix – the largest public cloud-native company in the world. As a result, JASK ASOC uniquely understands what cloud data to monitor and how to monitor it. “Legacy SIEM products were designed for use cases and include analytics for traditional on-premises architectures,” said Fry. “The methodologies that power these SIEMs to analyze on-premises data streams from firewalls, proxies and hosts don’t apply to cloud data. With integrations and analytics built for both AWS and Azure, JASK ASOC provides organizations with unprecedented visibility into cloud environments because it understands how to monitor cloud data, where workloads may come and go within hours or minutes and clusters it with on-premises data to streamline analyst workflows.” As a cloud-native platform, JASK ASOC fully leverages the elastic capabilities of cloud computing, such as horizontal-scaling data-ingestion pipelines, to ensure it scales to handle any data volume that customers desire. The cloud also affords JASK the processing power necessary for the analytics that provide automated alert triage, ensuring seamless monitoring of both cloud and on-premises infrastructure in a single platform. JASK ASOC now includes integrations with AWS CloudTrail, AWS GuardDuty and VPC Flow Logs to ingest, aggregate and analyze dynamic workload information about user activity, malicious behavior and IP traffic as part of JASK Insights. For example, JASK ASOC can correlate an alert about an open S3 bucket with information about who opened it and who accessed it to tell security analysts a story about what happened with S3 and address the issue immediately. JASK ASOC also fully supports the Microsoft Graph Security API to ingest a robust set of Azure cloud data and information related to Microsoft users, applications and events into its advanced SIEM platform. Through this support, JASK uniquely integrates with Microsoft Azure Event Hubs to stream millions of events per second from OneDrive, Exchange, Azure Active Directory and Office 365 to the ASOC platform for processing, correlation and analysis.
