Security eMagazines

april 2022

RSA Conference Product Preview

By Madeline Lauver, Assistant Editor

Axonius

Manages Enterprise Software as a Service Platforms

Axonius SaaS Management can help security, information technology (IT), finance and risk teams control the complexity, cost and risk of Software as a Service (SaaS). The management platform uses adapters (application programming interface [API] connections to data sources) and discovery tools to create an inventory of the SaaS applications, permissions and data flow involved in an enterprise. The solution aims to find both the SaaS applications known to and sanctioned by organizations as well as shadow and unmanaged apps. Image courtesy of Axonius

Find out more at www.axonius.com

BigID

Identifies Sensitive Cloud Data

BigID’s Automatic Discovery apps aim to find sensitive and personal data stored in the cloud. The Automatic Discovery apps are designed for cloud platforms, including Amazon Web Services (AWS), Microsoft Azure and Google Cloud Platform (GCP). The applications can discover data sources in the cloud and can reduce the need for manual efforts to search for, configure and connect data sources across an enterprise’s cloud environment. These apps allow for regular and repeated scanning of AWS and other cloud platforms. Image courtesy of BigID

Find out more at www.bigid.com

Cobalt

Advises Security Leaders on Cybersecurity Strategy

Cobalt’s Professional Services can aid cybersecurity professionals throughout the penetration testing process. The solution includes Pentest Program Management, which partners users with security consultants to develop penetration testing programs; Advisory Services, which connects enterprise security leaders with cybersecurity advisors to field strategic and technical questions; and Phishing Engagements, a program that trains enterprise organizations how to recognize and protect themselves from a phishing attack. Image courtesy of gopixa / iStock / Getty Images Plus

Find out more at www.cobalt.io

Confluera

Automatically Detects Cyberattack Signs

The Cloud eXtended Detection and Response (CxDR) solution from Confluera can help organizations gain visibility into active attack progressions and reduce the average time to detect and mitigate advanced cyberattacks. The updated CxDR solution extends cloud-native threat storyboarding capabilities to support Microsoft Azure, GCP, AWS and other security solutions. Image courtesy of Confluera

Find out more at www.confluera.com

CyberGRX

Predicts Third-Party Vendor Risk

CyberGRX’s Predictive Risk Profile uses standardized data within the firm’s Risk Exchange platform and applies machine learning and data analytics to anticipate how third parties within a company’s vendor ecosystem will respond to a detailed security assessment questionnaire. With Predictive Risk Profile, users can monitor and analyze third-party risk for improved risk management. Users receive insights across their portfolio of vendors to help enable transparency and address control gaps and risk remediation strategies. Image courtesy of CyberGRX

Find out more at www.cybergrx.com

Fortanix

Secures Artificial Intelligence Models

Fortanix’s Confidential AI is a software and infrastructure subscription service that leverages computing technology to help secure the use of private data without compromising privacy and compliance. With Confidential AI, data teams in regulated, privacy-sensitive industries, such as healthcare and financial services, can utilize private data to develop and deploy artificial intelligence (AI) models. The solution helps to provide protection for the intellectual property of developed models with secure infrastructure. Image courtesy of Fortanix

Find out more at www.fortanix.com

NCP

Keeps Confidential Enterprise Data Secure

Version 2.10 of NCP’s VS GovNet Connector is designed for use in ministries, public authorities and enterprise organizations operating in European countries. The VS GovNet Connector includes secure hotspot login and Friendly Net Detection (FND). The hotspot login aims to directly connect traveling employees to a corporate network or a reduced-function web browser. FND uses an accessible server to detect whether the user is in a secure or unsecure network. Depending on the network, the FND function activates the corresponding firewall rules. The solution offers biometric authentication and virtual private network (VPN) Path Finder Technology. Image courtesy of NCP

Find out more at www.ncp-e.com

NTT Application Security

Integrates Security Throughout Software Development

NTT Application Security’s Vantage Prevent helps enable enterprises to conduct dynamic application security testing (DAST) at each phase of the application development cycle and prevent exploitable vulnerabilities from reaching production. The solution leverages developers’ functional and quality assurance tests to identify security risks in their web applications and APIs. Vantage Prevent also allows software engineers to automate security testing, so security teams can assess reported vulnerabilities before they are deployed into production. Image courtesy of NTT Application Security

Find out more at www.whitehatsec.com

Cambridge Quantum

Creates Randomized Encryption Keys

Quantum Origin derives cryptographic keys using the output of a quantum computer to ensure data is protected at a foundational level against evolving attacks. The keys generated by Cambridge Quantum’s Quantum Origin are based on quantum randomness and can be integrated into existing systems. The protocol relies on “entanglement,” a feature of quantum mechanics. The cloud-hosted platform uses the unpredictable nature of quantum mechanics to generate cryptographic keys seeded with quantum randomness from Quantinuum’s H-Series quantum computers, powered by Honeywell. Image courtesy of Cambridge Quantum

Find out more at www.cambridgequantum.com

Revelstoke

Automates Security Operations Centers

The Revelstoke Unified Data Layer automates analysis in security orchestration, automation and response (SOAR) solutions in security operations centers (SOCs). The Unified Data Layer aims to eliminate software development needs and manage security incidents in SOCs. The no-code/low-code solution can allow chief information security officers (CISOs) to automate certain processes and maintain manual control over others. Image courtesy of Revelstoke

Find out more at www.revelstoke.io

SPHERE

Gives Visibility Into Privileged Access

SPHEREboard 6.0 redesigns SPHERE’s access management solution to help give security professionals visibility into privileged access across an organization’s assets. Users can utilize the solution to manage UNIX, Windows, applications and privileged access. The update includes controls, parameters and a redesign of the SPHEREboard dashboard and user interface. The update brings a new version of the Privileged Access Management module to help understand user environments and identify immediate risks. Image courtesy of SPHERE

Find out more at www.sphereco.com

Tufin

Helps Develop Security Policies

Tufin’s Security Policy Builder (SPB) App automates the design of corporate security network and cloud security access policies across the hybrid environment. Integrating with the firm’s SecureTrack solution, the SPB App can operationalize security policies to identify the exposed attack surface for prioritized response based on a company’s definition of risk to the business to help users track compliance assurance and reduce breach likelihood. Image courtesy of Tufin

Find out more at www.tufin.com

VMware

Detects Cyberattacks and Suggests Future Action

VMware’s Carbon Black Cloud Managed Detection and Response (MDR) for endpoints and workloads aims to give security leaders insight into cyberattacks along with recommendations for remedying policy changes. VMware analysts monitor MDR user environments, offering monitoring, alert triage and threat intelligence. The analysts can notify IT and security teams via email of threats and suggest policy changes to address critical alerts and incident investigations. Image courtesy of VMware

Find out more at www.vmware.com

ZeroFox

Alerts Security to Malicious IT Infrastructure

ZeroFox’s Adversary Disruption service can automate the dismantlement of malicious infrastructure, content, sites and bot accounts required to conduct external cyberattacks. The service aims to identify cyberattack indicators collected across validated threats and distribute them to various third-party providers and endpoint security platforms. Image courtesy of ZeroFox

Find out more at www.zerofox.com

april 2022