Action1 Unveils Free Vulnerability Assessment at RSAC 2024 

Posted in Commentary with tags on May 7, 2024 by itnerd

Action1 Corporation, a provider of the integrated real-time vulnerability discovery and patch management automation solution, today at RSAC 2024™ introduced free vulnerability assessment. This service allows enterprise-wide free one-time assessment of software vulnerabilities, enabling organizations to assess their susceptibility to known vulnerabilities and make informed decisions on their security posture.

According to the Action1 2023 State of Vulnerability Remediation Report, 47% of breaches resulted from known security vulnerabilities. The issue lies in most enterprises being unaware of vulnerabilities within their IT infrastructure, which prevents them from maintaining an effective patch management strategy. The Action1 free vulnerability assessment service provides organizations with comprehensive insights into vulnerabilities on their endpoints, including identifying CVEs persisting in applications and operating systems, missing updates, and outdated software. This service offers actionable insights to mitigate risks and improve an organization’s vulnerability management strategy by leveraging data from the National Vulnerability Database (NVD) and CISA’s Known Exploited Vulnerabilities (KEV) catalog.

To access the free vulnerability assessment service, organizations can create an Action1 account and install the agents on their endpoints. Organizations can deploy Action1 simultaneously or in stages across all endpoints, with unlimited time flexibility. Vulnerability analysis begins immediately upon installation. Vulnerability assessment on each endpoint is performed once, and the data is presented in the aggregated view on the Action1 console indefinitely.

Abnormal Security Expands Beyond Email To Offering Autonomous AI-Powered Solutions

Posted in Commentary with tags on May 7, 2024 by itnerd

Abnormal Security today announced that it is expanding its Account Takeover Protection product line beyond email to provide visibility into cross-platform user behavior and centralize compromised account detection and remediation across identity, collaboration, and cloud infrastructure applications. In addition, the company is launching AI Security Mailbox, which provides a new AI-powered coworker that promotes security awareness through real-time conversations between employees and an AI security analyst, while also automating the triage and remediation of user-reported emails. 

Enhancing Visibility and Control with More Cloud Account Integrations 

Recent research from Abnormal shows that nearly 70% of security leaders view cross-platform account takeover threats as the greatest concern to their organizations—even ahead of headlining threats like ransomware and phishing. Additionally, 83% of these organizations have been impacted by an account takeover in the last year, and nearly one-fifth have been impacted more than 10 times.  

To protect against this threat, Abnormal now integrates with more cloud accounts, enabling the platform to analyze a greater volume of signals to better understand human behavior, while empowering customers with more cross-platform visibility and control. These visibility and control features are available starting today in the following applications: 

  • Email: Microsoft 365, Google Workspace
  • Identity: Azure Active Directory, Okta, Ping 
  • SaaS/Collaboration: Atlassian, Box, DocuSign, Dropbox, Google Drive, Salesforce, ServiceNow, Slack, Workday, Zendesk, Zoom
  • Cloud Infrastructure: Amazon Web Services, Microsoft Azure, Google Cloud Platform

Starting today, any customer can integrate their cloud applications directly via API to the Abnormal AI platform in under five minutes and at no cost. As Abnormal begins ingesting data and signals, SOC teams are provided with a consolidated view of all account activity within each connected platform. If malicious activity is found, administrators can remediate compromised accounts with a one-click “Identity Disconnect” button, which will terminate sessions, reset passwords and block access across platforms—drastically expanding the scope of protection. 

Expanding Account Takeover Protection to Cloud Applications

For customers who would rather automatically detect and remediate compromised accounts through the power of AI, Abnormal is expanding its Account Takeover Protection product line beyond email. Once integrated, the Abnormal AI platform ingests a large set of signals, including sign-in events, typical geolocations and VPN details, to build a behavioral baseline for each user across all integrated applications. Autonomous AI models then analyze risky events based on deviations from this baseline, which are correlated across other platforms accessed by that user. Compromised account detections deemed to be high-risk are automatically remediated—adding superhuman capabilities to the SOC team and providing automated cross-platform security for organizations. 

General availability for unified Account Takeover Protection will be announced later this year and Abnormal will also provide this cross-platform capability across other product lines. In 2025, customers can expect an expansion of Security Posture Management, which enables customers to discover and fix key security configuration risks across cloud email, to multiple cloud platforms. 

Increasing Customers’ AI Capabilities with AI Security Mailbox

In addition to expanding visibility and control, Abnormal is also enabling customers to succeed in today’s AI-focused security landscape.

To enable security teams to use more autonomous AI solutions, Abnormal is also launching AI Security Mailbox—an AI coworker for every security team. Now when an employee reports an attack, the Abnormal platform will serve as their personal AI cyber assistant by providing a personalized response explaining if the email was deemed malicious, safe, or spam and how a determination was made. Users can then converse directly with the AI security analyst, which delights them with real-time feedback as it teaches them better security practices.

With intrinsic autopilot capabilities, AI Security Mailbox comes pre-trained with enterprise security best practices automatically tailored for each customer environment. To enable further customization, each organization can give the conversational AI agent a name and choose its tone of voice, ranging from formal to humorous to empathic to pirate mode. This capability is available for free to all customers in AI Security Mailbox, formerly known as Abuse Mailbox Automation. 

US Department of State Announces An International Cybersecurity Strategy

Posted in Commentary with tags on May 7, 2024 by itnerd

The US Department of State has rolled out an International Cybersecurity Strategy. Here’s what it’s all about:

The National Cybersecurity Strategy calls for two fundamental shifts: rebalancing the responsibility to defend cyberspace and realigning incentives to favor long-term investments.  The digital ecosystem’s biggest, most capable, and best-positioned actors – be they in the public or private sectors – can and should assume a greater share of the burden for mitigating cyber risk.  When entities across the public and private sectors face trade-offs between temporary fixes and long-term solutions, they must have the resources, capabilities, and incentives to choose the latter.

The U.S. commitment to international partnerships on cyber issues remains strong, and the Strategy emphasizes working with our allies and partners to build a defensible, resilient, and values-aligned digital ecosystem.  Advancing shared goals requires promoting a global cyberspace where responsible state behavior is expected and where irresponsible behavior is both costly and isolating.

This Strategy sets out a path to secure the promise of our digital future.  Its implementation will build a durable cyber foundation for the Administration’s goals in infrastructure, clean energy, equity, democracy, and economic opportunity.  Fundamentally, it recognizes that cyberspace does not exist as its own end, but as a tool to pursue our highest aspirations.

Interesting. Tom Siu, CISO, Inversion 6 had this comment:

The announcement of an international cybersecurity strategy by the US Department of State will be an important acknowledgement of the impact of cyber in the realm of US foreign policy.  In essence, “cyber diplomacy” will affect how our nation relates to others, but we must remember that much of the origin of internet protocols, as evidenced by the Request for Comments (RFC) documents through the Internet Engineering Task Force (IETF) established technical standards that were agnostic of international divisions.  The internet, and the domain of cybersecurity, is a stateless (in a geopolitical sense) entity.

The question that comes to mind for me is will this newly announced strategy change statecraft to adapt to rapid changes in information flow, or will this strategy simply be added to the tools available to current foreign policy strategies.  

The brief description provided by Politico seems to point out that the US foreign policy, in the context of cybersecurity, is to use it as a tool to continue with declining American influence in the cyber realm, rather than a new Cyber Monroe Doctrine or promoting a series of cybersecurity RFCs which are adopted as both technical and behavioral standards.

The announcement of the $50M “Cyberspace and Digital Connectivity Fund” seems small in the realm of ransomware payouts, but may be useful in enhancing the cyber capabilities of our partners and allies.

This should be interesting to watch and see how effective it is. Which is something that will take years to measure.

River SaaS Capital Announces Its Newly Launched Equity Fund

Posted in Commentary with tags on May 6, 2024 by itnerd

River SaaS Capital provides alternative venture financing to growing software-as-a-service (SaaS) businesses. They offer fast, flexible financing solutions to qualified new borrowers. The company announced today its newly launched equity fund, TruWest Fund I. This new $50 million fund will invest in US-based B2B software-as-a-service businesses and act as a continuum of capital for high potential companies in River SaaS Capital’s venture debt portfolio.

This equity fund is the next step in River SaaS Capital’s investing strategy. In 2015, they launched as a provider of alternative venture financing to early-stage SaaS companies throughout the U.S. With the success of the venture debt fund, the team then started making direct equity investments in select portfolio companies in 2019. Now, with both River SaaS Capital’s venture debt offerings and equity capabilities, they’ll be able to offer multiple capital options to their portfolio at scale.

River SaaS Capital provides alternative venture financing to growing software-as-a-service (SaaS) businesses. We offer fast, flexible financing solutions, typically providing non-dilutive, revenue-based financing to qualified new borrowers in 36-48 month term loans and growing with our portfolio companies over time (via either debt and/or equity). To learn more, visit www.riversaascapital.com.

Cordoniq Scores a Hat-Trick at 2024 Cybersecurity Excellence Awards

Posted in Commentary with tags on May 6, 2024 by itnerd

Cordoniq, the secure, enterprise video collaboration platform, has been named a winner in multiple categories at the 2024 Cybersecurity Excellence Awards. The annual awards recognize cybersecurity vendors with ground-breaking products, solutions, and services that are helping set the bar higher for others in all areas of security and technologies. 

Cordoniq was honored in the Secure Collaboration Platform, Technology, and Software categories for North America. Cordoniq stood out with its innovative video collaboration that is disrupting the marketplace, thanks to its secure-by-design approach, next-gen UX and innovative features, like Android TV Capabilities, Green Video Collaboration Technology, Privacy & Security, Share Web & Browser Content, Video Meeting Rooms and more. Cordoniq’s platform-as-a-service (PaaS) model is entirely API driven so it can interact directly with virtually anything in a company’s tech stack, and is trusted by the U.S. Department of Defense, the Pentagon, Special Operations Forces (USSOCOM), and the National Guard.

The Cybersecurity Excellence Awards honor companies that demonstrate excellence, innovation, and leadership in information security. Winners are selected by an independent panel of judges who evaluate the nominees based on their products, services, and contributions to the cybersecurity industry.

Change Healthcare Paid A Ransom To Deal With Being Pwned…. Maybe

Posted in Commentary with tags on May 6, 2024 by itnerd

Well, this is really disappointing news.

You might recall that Change Healthcare was pwned. That caused large amounts of disruption for healthcare providers. On top of that, the responsible party was apparently Black Cat/ALPHV, who were in the Change Healthcare network for days before they launched the attack. But it gets worse from there. Word started to leak out that a ransom had been paid, and that payment caused some knock-on effects within the group that pwned Change Healthcare. Specifically, they started to fight amongst themselves to get a cut of the cash. On top of that, HHS launched an investigation into the hack, which is not good news for Change Healthcare. With that out of the way, let’s get to today’s news. Change Healthcare has actually admitted that they paid the ransom:

In a statement sent to WIRED and other news outlets on Monday evening, Change Healthcare wrote that it paid a ransom to a cybercriminal group extorting the company, a hacker gang known as AlphV or BlackCat. “A ransom was paid as part of the company’s commitment to do all it could to protect patient data from disclosure,” the statement reads. The company’s belated admission of that payment accompanied a new post on its website where it warns that the hackers may have stolen health-related data that would “cover a substantial proportion of people in America.”

Change Healthcare’s statement didn’t state the size of the ransom payment. In a hearing held by the US Senate’s Finance Committee on May 1, however, Andrew Witty, CEO of Change Healthcare parent company UnitedHealth Group, confirmed that the payment was $22 million.

Here’s the problem with this. Actually two of them:

  1. It encourages groups like these to continue to attack organizations because they are getting paid.
  2. With the infighting within Black Cat/ALPHV, it means that there isn’t any guarantee that whatever data they stole will get deleted.

So Change Healthcare might think that they have dealt with this by cutting a cheque, but I question if they really have. I wouldn’t be surprised if weeks or months from now it turns out that they haven’t, given the current state of play.

Shoppers remain cautious through Q1 2024: Salesforce

Posted in Commentary with tags on May 6, 2024 by itnerd

The 2024 Q1 Shopping Index by Salesforce analyzes the activity and online shopping statistics of more than 1.5 billion unique global shoppers from more than 67 countries.

On the heels of rising inflation numbers in Canada, the index found that consumers remain cautious and are pulling back on spending. While digital commerce overall grew 2%, Salesforce data shows a decline in per-visit average spend to $2.02 (down from $2.40 in the last quarter), and a drop in conversion rate to 1.8% (down from 2.3% last quarter).

Here’s the link to the full Q1 Shopping Index along with a blog post with additional insights. 

Introducing SocX, SecureIQLab’s AI-Powered Cloud Security Validation Platform

Posted in Commentary with tags on May 6, 2024 by itnerd

SecureIQLab LLC, a leading provider of cloud security validation solutions, proudly unveils SocX™, a groundbreaking AI-powered cloud validation platform. SocX™ introduces adaptive learning models for cyberattacks backed by powerful analytics designed to accelerate cyberattack prediction and prevention, complementing existing cybersecurity solutions.

Key features of SocX™ include:

  1. Streamlined Product Lifecycles: SocX™ significantly shortens pre- and post-release product lifecycles for security providers.
  2. Enhanced Operational Efficiency: SocX™ continuously learns and validates, reducing risk exposure and enhancing overall operational efficiency.

In essence, SocX™ simplifies deployment and validation processes, minimizing resource drain. It equips security professionals with the ability to derive valuable insights from validation results in near real-time or within minutes, aiding in product enhancement and informed decision-making.

Security professionals can seamlessly connect to SocX™ via its portal, selecting and deploying specific test use cases or importing their unique methodologies for continuous validation of their offerings. Leveraging SocX™, security technology providers can innovate with confidence, while MSPs can achieve optimal operations tailored to their unique requirements.

Visit them at RSA in San Francisco on May 8, Moscone South, 2nd Floor, Terrace, to learn more about SecureIQLab, SocX™, and its transformative capabilities in the realm of cloud security validation.

EnGenius Launches AVXpress

Posted in Commentary with tags on May 6, 2024 by itnerd

EnGenius Technologies has today unveiled AVXpress, an innovative software solution designed to effortlessly enhance network traffic prioritization for business-critical video conferencing and other AV-related applications during peak times. Nowadays, video conferencing has become the most critical daily communication tool in business, where issues like lost sound or severe delays can seriously impact productivity. Unlike traditional solutions, AVXpress integrates application-aware technology that automates complex configurations with just one click, setting a new industry standard for network performance optimization in corporate, entertainment, and educational environments. 

Optimize Business Communications with Intelligent Prioritization  

AVXpress utilizes application-aware technology to automatically recognize and categorize different data types, ensuring that voice and video conferencing communications receive the highest priority by default. This feature dramatically improves the clarity and stability of voice calls and video conferencing applications, crucial for business operations. Additionally, users can adjust the priority settings to boost other critical applications to high or top priority, ensuring optimal performance and flexibility.

One Click to Optimize: Simplifying Network Traffic Priority 

The one-click ‘Express’ mode in AVXpress allows any user to instantly prioritize time-sensitive AV applications, such as video conferencing, streaming, or gaming, without the need for technical expertise or detailed settings adjustments on wireless APs and Switches. These services are elevated to the same priority level as voice calls by simply clicking a button, ensuring they receive the necessary bandwidth for a smooth and uninterrupted experience, even under heavy network load.  

Roger Liu, EVP at EnGenius Technologies, states, “With AVXpress, it’s incredibly straightforward. Anyone can quickly prioritize their most needed AV-related applications with just one click—no technical background is required. It’s about turning what used to be complicated into something everyone can handle during those busy network times.”  

From Wi-Fi to Wire: Ensuring Seamless Connection Quality

AVXpress provides a seamless and high-quality connection between Wi-Fi clients and wired network infrastructure. It improves and standardizes network performance to ensure consistent quality throughout the data transmission process. The process begins with Wi-Fi devices and passes through EnGenius Access Points, which identify client applications and prioritize traffic. It then flows smoothly through the wired segments via EnGenius Switches, maintaining the exact default priority definition. This guarantees a stable and uninterrupted network experience across the entire network, ensuring end-to-end high quality.

AVXpress is an innovative feature designed exclusively for EnGenius Access Points and will be accessible through the EnGenius FitXpress and EnGenius Cloud platforms starting in Q2. This rollout ensures that all users can effortlessly utilize AVXpress across EnGenius’ management platforms. For more detailed information or to explore its features, visit AVXpress.

Aptum Signs Agreement with XCV Partners to Support an Elite Partner Ecosystem

Posted in Commentary with tags on May 6, 2024 by itnerd

Aptum today announced it has partnered with XCV Partners, a technology solution distributor that offers an alternative to traditional distribution by prioritizing partner needs and maximizing partner passthrough. The agreement enables XCV’s partners to offer Aptum’s portfolio of infrastructure and cloud management services to its clientele in the U.S., Canada, the UK, and around the world.

With this agreement, XCV Partners will be able to offer growing enterprises, SaaS providers, telcos, and ISPs true hybrid infrastructure solutions, including the following: 

  • Cloud Managed Services: Providing expert guidance, deployment, and management of applications and cloud infrastructure, including hybrid. Aptum is a Microsoft Azure Expert Managed Services Provider. 
  • Infrastructure as a Service (IaaS) and Networking: Design, source, and manage infrastructure and applications. 
  • Application Modernization and DevOps: From key DevOps methodologies and practices, educational workshops, cloud and application assessments, to providing professional services, Aptum helps customers reimagine and build for cloud success. 

The agreement is effective immediately.