Infosec products of the month: May 2022

Here’s a look at the most interesting products from the past month, featuring releases from: AuditBoard, BIO-key, Cohesity, Corelight, Data Theorem, Deepfence, ForgeRock, Fortinet, Hunters, Enpass, iDenfy, Kasten by Veeam, Kingston Digital, Microsoft, N-able, Nasuni, Netenrich, Orca Security, PIXM, Qualys, SafeGuard Cyber, SecureAge, Skybox Security, Sonatype, Trusona, and Uptycs.

Qualys Custom Assessment and Remediation empowers security teams to counter threats like zero-day attacks

Qualys Custom Assessment and Remediation opens the Qualys Platform for security architects allowing the creation of custom scripts in popular scripting languages, user-defined controls and automation, all seamlessly integrated within existing programs to quickly assess, respond and remediate threats across your global hybrid environment.

Microsoft announces Microsoft Defender for Business (for SMBs)

Microsoft has announced the stand-alone version of Microsoft Defender for Business, which aims to bring enterprise-grade endpoint security to SMBs, including endpoint detection and response capabilities to protect against ransomware and other sophisticated cyberthreats.

N-able Cove Data Protection provides cloud-first backup and disaster recovery for businesses

Cove Data Protection provides streamlined, cloud-first backup, disaster recovery, and archiving for physical and virtual servers, workstations, and Microsoft 365 data, managed from a single web-based dashboard. It also delivers fully managed cloud storage, with 30 data centers to keep backups stored in region, to respect data sovereignty.

BIO-key MobileAuth enhancements safeguard access to critical data

BIO-key announced upgrades to BIO-key MobileAuth, a multi-factor authentication (MFA) mobile app that integrates the power of IBB across multiple authentication modalities, allowing customers to build a more complete MFA strategy. In addition to the newest IBB-powered modalities, MobileAuth supports device-based biometric authentication methods including Apple Face ID, Touch ID, and Android Biometrics, as well as support for push token authentication.

Enpass Business allows organizations to choose where they store their data

With Enpass Business, all passwords remain within the trusted boundaries of the organization’s local IT systems. Enterprises have the option to store data on employee devices, or use their existing cloud storage, enabling them to maintain control over their data without the need to host additional servers.

Data Theorem Supply Chain Secure identifies third-party vulnerabilities across the application software stack

Data Theorem’s new supply chain product can automatically categorize assets under known vendors, allow customers to add additional new vendors, curate individual assets under any vendor, and alert on increases in policy violations and high embed rates of third-party vendors within key applications.

Uptycs helps users strengthen security posture with CIEM capabilities

Uptycs announced new cloud infrastructure entitlement management (CIEM) capabilities that strengthen its cloud security posture management (CSPM) offering. These new capabilities provide Security and Governance, Risk, and Compliance teams with continuous monitoring of cloud services, identities, and entitlements so they can reduce their cloud risk.

AuditBoard introduces enhanced automation capabilities to accelerate compliance management

AuditBoard announced a set of new automation capabilities for its CrossComply solution. These features combine automation with scalability to accelerate security compliance programs with automated framework mapping, evidence collection, and continuous monitoring, as well as providing the ability for teams to leverage applications and data sources.

SecureAge CatchPulse safeguards enterprises against complex security threats

CatchPulse provides always-on, real-time protection to catch threats by simply blocking all unauthorised applications, processes or scripts from executing. It helps organisations stay one step ahead of unknown threats and offers a simple experience for users of all levels, from novice home users to IT professionals.

Nasuni Ransomware Protection defends critical business data against ransomware attacks

Nasuni announced Nasuni Ransomware Protection, a new add-on service to the latest release of the Nasuni File Data Platform that offers an in-line ransomware edge detection capabilities for file data. The new service gives businesses confidence that their file data can not only be quickly recovered following an attack, but that they can now detect live attacks and reduce the time and resources needed to uncover the source of the threat.

ForgeRock Autonomous Access prevents identity-based cyber attacks and fraud

Autonomous Access uses the power of artificial intelligence (AI) to monitor login requests in real time, blocking malicious attempts and adding authentication steps when it detects anomalous behaviors.

Orca Security unveils Shift Left Security capabilities to prevent cloud application issues

Orca Security announced a cloud security solution to provide context-aware Shift Left Security for cloud infrastructure and applications. Orca’s new command-line interface (CLI) called Orca CLI enables developers and DevOps teams to scan locally hosted images and IaC templates, view results directly in developer tools, and surface findings within the Orca platform.

Sonatype launches solution to remediate malicious and outdated InnerSource components

Sonatype announced a capability focused on identifying and remediating InnerSource components that contain vulnerable, malicious, or outdated open source dependencies. With InnerSource Insight, developers can manage their InnerSource components, see what open source packages they’re dependent on, remediate concerns immediately, and identify safe upgrade paths that won’t break builds.

iDenfy introduces Business Verification platform to help customers detect bogus companies

iDenfy’s Business Verification services will offer custom automatizations in one API, helping businesses to screen other companies and detect criminal activity. According to the images, iDenfy distinguishes whether it is a dormitory, a residential house, a commercial premise, or a luxury office. The new Business Verification services even determine the company’s office rental price.

Cohesity FortKnox helps organizations combat sophisticated attacks and accelerate recovery

Cohesity released Cohesity FortKnox — a SaaS data isolation and recovery solution, adding to the company’s Data Management as a Service portfolio of offerings that run on AWS. It is designed to provide an additional layer of off-site protection while simplifying operations and lowering costs compared to magnetic-tape and self-managed data vaults.

Deepfence Cloud protects cloud native applications and infrastructure against cybersecurity threats

Deepfence Cloud, built on the ThreatStryker offering from Deepfence, observes runtime indicators of attack (IoA) and indicators of compromise (IoC) and correlates events to tell the story of each attack as it evolves. With Deepfence Cloud, enterprises can easily tap into ThreatStryker to provide targeted security for their applications against known and unknown threats in real time.

Kasten by Veeam K10 V5.0 provides secure backup and recovery for Kubernetes data and applications

Kasten by Veeam announced the new Kasten by Veeam K10 V5.0 Kubernetes data management platform. Purpose-built for Kubernetes, this latest release is focused on delivering a comprehensive risk management strategy, streamlined CI/CD pipelines and new ecosystem advancement details that optimize and de-risk Kubernetes investments.

Skybox Security unveils cyber risk quantification capabilities to help users prioritize critical threats

Leveraging its proprietary network modeling techniques, Skybox will now quantify the business impact of cyber risks into economic impact. This new financial calculation enables customers to identify and prioritize the most critical threats based on the size of financial impact, among other risk analyses.

Trusona Authentication Cloud delivers passwordless sign-ins without an app

Trusona announced Trusona Authentication Cloud, a low-code, cloud-based service that enables users to authenticate without a password using smartphones, laptops and desktop computers. It can also serve as a secure, low-cost replacement for SMS OTP (one-time passcode) authentication.

PIXM Mobile provides real-time protection from phishing attacks on mobile devices

PIXM Mobile is a cloud-based mobile solution developed with Computer Vision (CV) cybersecurity technology to identify phishing attacks on mobile devices and stop them in real-time, as a user clicks on a malicious link. PIXM Mobile stops phishing on any app, including SMS (“smishing”), social media, and business collaboration apps, as well as email and web-based phishing pages.

Kingston Digital releases external SSD with touch-screen and hardware-encryption

Kingston Digital released the newest addition to its encrypted lineup, IronKey Vault Privacy 80 External SSD (VP80ES). Featuring a color touch-screen and FIPS 197 certified with XTS-AES 256-bit encryption, VP80ES is designed to protect data while also being user-friendly. It also safeguards against Brute Force attacks and BadUSB with digitally-signed firmware for users from small-to-medium businesses (SMB) to content creators.

Corelight Investigator allows security teams to accelerate their threat hunting and investigations

Corelight Investigator brings complete visibility of the network, both on-premise and in the cloud, with evidence that spans months and years, not days and weeks. Customers can leverage machine learning, behavioral analysis, threat intelligence and signatures, mapped to the MITRE ATT&CK framework, to enable broad coverage of network-centric threats.

SafeGuard Cyber adds email protection for Microsoft 365 to defend customers against sophisticated attacks

SafeGuard Cyber announces the addition of email protection for Microsoft 365 to its security suite of protected communication channels. This new release adds a cyber defense layer to the native security provided within Microsoft 365, giving SOC teams the tools to stop difficult to defend social engineering attacks, insider threats, ransomware intrusion, and other advanced threats across the email channel.

Netenrich Resolution Intelligence platform allows analysts to view security status of critical assets

With the Netenrich platform, security ops becomes proactive using a predict and prevent approach in anticipating risky behaviors, disrupting threats and insuring business resilience. Organizations improve their overall security posture while focusing on business growth.

Hunters SOC Platform enhancements enable users to prioritize incidents based on their urgency

Hunters announced new capabilities in the Hunters SOC Platform to enhance and accelerate security operations workflows for data ingestion and normalization, threat detection, investigation and response. The advances free up data engineers, security engineers and analysts in Security Operations Centers (SOC) to focus on higher value work, such as dealing with threats and challenges unique to their organizations.

FortiNDR identifies cyberattacks based on anomalous network activity and limits threat exposure

Fortinet announced FortiNDR, a new network detection and response offering that leverages artificial intelligence and pragmatic analytics to enable faster incident detection and an accelerated threat response. FortiNDR also features native integrations with the Fortinet Security Fabric as well as API integrations with third-party solutions for a coordinated response to discovered threats to minimize their impact.