Infosec products of the month: February 2024
Here’s a look at the most interesting products from the past month, featuring releases from: Appdome, BackBox, Center for Internet Security, Cisco, CompliancePro Solutions, Cyberhaven, LOKKER, ManageEngine, Metomic, OPSWAT, Pindrop, ProcessUnity, Qualys, SentinelOne, Sumsub,Truffle Security, Vade Secure, and Varonis.
CIS ESS Mobile offers visibility into blind spots on mobile devices
CIS ESS Mobile equips security teams with automated threat protection through endpoint detection and response (EDR) that blocks malicious phishing links, identifies vulnerable devices, and detects malicious and unwanted activity on business-critical mobile apps.
Varonis MDDR helps organizations prevent data breaches
Varonis introduced Varonis Managed Data Detection and Response (MDDR), a managed service dedicated to stopping threats at the data level. Unlike traditional MDR services that are endpoint- and network-centric, MDDR focuses on threats to data. The offering combines Varonis’ threat detection technology and automation with a global team of elite threat hunters, forensics analysts, and incident responders who investigate and respond to threats 24x7x365.
Qualys TotalCloud 2.0 measures cyber risk in cloud and SaaS apps
Qualys TotalCloud 2.0 provides a unified platform to identify and consolidate all cloud data across diverse multi-cloud environments, providing broader visibility and context for efficient remediation of security issues. This approach fosters improved collaboration among security, IT, and development teams, to efficiently mitigate risk and protect business-critical applications.
ProcessUnity unveils all-in-one platform for third-party risk management
With a single, configurable platform, ProcessUnity helps organizations manage the increasing complexity of supply chains and third-party relationships with tools to identify and assess the risks associated with each external party, monitor third-party performance and ensure external control effectiveness.
BackBox introduces ZTNO to automate zero trust security for network operations
In a significant stride towards enhancing network security, BackBox introduces Zero Trust Network Operations (ZTNO). This offering is a practice framework with six actionable pillars to automate cybersecurity considerations at the network layer for NetOps teams. To simplify ZTNO for network teams, BackBox has enhanced its Network Automation Platform with improved Privileged Access Manager, Network Vulnerability Management, and Search.
Vade uses generative AI to enhance spear-phishing detection
Vade announced a new method that improves the confidence of its spear-phishing detection engine. The enhancement, designed to combat advanced threats including those produced by generative AI, leverages threat samples created by artificial technology and human sources. The new method trains Vade’s spear-phishing algorithms on a unique combination of traditional and artificially generated spear-phishing emails.
SentinelOne launches threat hunting capabilities in its WatchTower and WatchTower Pro
SentinelOne launched new threat hunting capabilities in its WatchTower and WatchTower Pro managed threat hunting services specifically designed to support security teams in anticipating and countering threats across the enterprise with machine speed and efficiency
Metomic for ChatGPT identifies critical risks in ChatGPT conversations
Because Metomic’s ChatGPT integration sits within the browser itself, it identifies when an employee logs into OpenAI’s web-based ChatGPT platform and scans the data being uploaded in real-time. Security teams can receive alerts if employees are uploading sensitive data, like customer PII, security credentials, and intellectual property. The browser extension comes equipped with 150 pre-built data classifiers to recognize common critical data risks.
Cisco Motific reduces GenAI security, trust, and compliance risks
Born from Outshift, Cisco’s incubation business, Motific provides a central view across the entire GenAI journey, empowering central IT and security teams to rapidly deliver trustworthy GenAI capabilities across their organizations with control over sensitive data, security, responsible AI, and cost.
OPSWAT enhances its MetaDefender Kiosk product line
OPSWAT announced new advancements to its MetaDefender Kiosk product line. Building on the success of last year’s Mobile Kiosk, OPSWAT introduces the Kiosk Mini. The new form factor of the MetaDefender Kiosk addresses specific customer needs, designed to be more accessible, portable and versatile. Also unveiled is the new OPSWAT MetaDefender Kiosk Stand, a new hardware that supports VESA-mountable Kiosks and other VESA-mountable devices.
Sumsub Deepfake Detection combats AI-driven identity fraud
Unlike methods that focus on detecting deepfakes within static images or recorded videos, Sumsub’s new solution operates in real-time during video interviews, further securing the identification process. The enhanced deepfake detection technology is designed to identify and thwart fraudsters attempting to manipulate real-time video interviews for malicious purposes.
LOKKER introduces a feature to notify users if their website breaches various privacy laws
LOKKER now gives companies a solution to monitor and remediate potential web privacy and compliance violations such as HIPAA, the Video Privacy Protection Act (VPPA) and state wiretapping laws across their portfolio of websites.
Appdome unveils Geo Compliance suite to thwart spoofing and enhance mobile app security
The new Geo Compliance features can be combined with any of the 300+ mobile app defenses in mobile app security, anti-malware, anti-fraud, MOBILEBot Defense, anti-cheat, MiTM attack prevention, code obfuscation, and more in Android and iOS apps. All features are fully automated and built on-demand in the language of the mobile app by the Appdome platform, inside the mobile DevOps and CI/CD pipeline.
Cyberhaven Linea AI protects vital corporate data
Unlike traditional data security measures, Linea AI builds a nuanced understanding of how people and teams operate. It mimics the highest level of human analytical insight with the added advantages of unfaltering focus, zero bias, and the capability to operate at an unprecedented scale. This innovative approach allows Linea AI to detect data risks that traditional security tools would miss due to false positives.
CPS Insights helps organizations analyze and visualize their healthcare privacy data
As a new add-on module to the CompliancePro Privacy Program Management platform, CPS Insights is a vital analytics and visualization tool for operational reporting needs. CPS Insights helps organizations efficiently analyze data and identify trends for privacy program management, providing clear visualization on a wide variety of metrics and data elements.
Pindrop Pulse offers protection against audio deepfakes
Pindrop Pulse’s ability to detect deepfakes provides organizations and their customers protection against a variety of voice attacks, including recorded voice replay, synthetic voice, automated voice chatbot, voice modulation, and voice conversion.
ManageEngine unveils ML-powered exploit triad analytics feature
ManageEngine released an ML-powered exploit triad analytics feature in its SIEM solution, Log360. Now, enterprises can knowledgeably trace the path of adversaries and mitigate breaches by providing complete contextual visibility into the exploit triad: users, entities and processes.
TruffleHog: Open-source solution for scanning secrets
TruffleHog is an open-source scanner that identifies and addresses exposed secrets throughout your entire technology stack. Besides scanning normal files, TruffleHog decodes dozens of encodings, including base64, zip files, docx files, and many more, and scans them for secrets.
CVE Prioritizer: Open-source tool to prioritize vulnerability patching
CVE Prioritizer is an open-source tool designed to assist in prioritizing the patching of vulnerabilities. It integrates data from CVSS, EPSS, and CISA’s KEV catalog to offer insights into the probability of exploitation and the potential effects of vulnerabilities on your systems.