Infosec products of the month: June 2022
Here’s a look at the most interesting products from the past month, featuring releases from: Acronis, Arcserve, Black Kite, Cavelo, Code42, ComplyCube, Cynet, Elastic, ESET, Feroot, Fusion Risk Management, G-Core Labs, Hillstone Networks, Incognia, Living Security, Lumu, NetWitness, Optiv Security, Qualys, Rafay Systems, RangeForce, SafeBreach, SecureAuth, SecurityMetrics, Splunk, Swimlane, and Traceable AI.
Acronis Advanced DLP protects businesses and MSPs from data leakage
The integration of behavioral-based DLP capabilities into the Acronis Cyber Protect Cloud platform is what extends its ability to deliver unified data protection, cybersecurity and management across systems, data and workloads regardless of their location.
Cynet Automated Response Playbooks empowers security teams to reduce their alert investigation
Cynet’s Automated Response Playbooks automate manual tasks and workflows, empowering security teams to reduce their alert investigation and response times by 90%. In addition to freeing up valuable time for security teams, the playbooks provide a defined, consistent response process for more accurate security decisions and ensure that all alerts are properly addressed.
Qualys VMDR 2.0 provides security teams with insights into an organization’s risk posture
Qualys VMDR 2.0 helps security and IT teams increase efficiency and save time by providing shared context and the ability to create drag and drop workflows to automate time-consuming vulnerability management operational processes including vulnerability assessment of ephemeral cloud assets, alerting, and prioritization.
Code42 adds watchlists functionality to its Incydr product to help teams manage insider risk events
Code42 announced it expanded the data risk detection capabilities in the Code42 Incydr product to give security teams visibility and context to situational Insider Risk events. With Incydr’s watchlist functionality, security analysts can create user groups with common attributes from data that Incydr ingests, and automate investigation and response management workflows.
SecureAuth Arculix strengthens passwordless authentication for enterprises
Arculix is powered by its patented behavioral modeling, which is driven by artificial intelligence/machine learning (AI/ML) technology. It combines desktop login, mobile, and SSO user experiences into a single, seamless, passwordless system. Backed by 47 patents, the platform is fortified by integration with a large set of multi-factor authentication (MFA) methods.
ESET NetProtect suite protects customer devices connected to Telco and ISP networks
ESET has announced a new suite of products for the Telecommunications and Internet Service Provider (Telco and ISP) industry, with the aim of offering extensive protection to consumers. The new offering includes ESET NetProtect for Mobile and ESET NetProtect for Mobile Advanced, which offer security via mobile networks, and ESET NetProtect for Home Advanced, which helps secure fixed network connections.
SecurityMetrics Pulse helps businesses detect and monitor cyber threats
SecurityMetrics Pulse scans your locations both externally and internally, identifying which points of your network are vulnerable. This can include misconfigured firewalls, malware hazards, and remote access vulnerabilities. Results of these scans are scored according to the CVSS. This data is then analyzed in the SecurityMetrics Threat Intelligence Center to identify indicators of compromise.
Traceable AI introduces API Catalog solution to help organizations manage API-related security threats
The API Catalog solution provides DevSecOps with a single pane of glass for all APIs by showing all API activity in one place. The catalog prioritizes the most important and useful information first, as well as detailing potential risks and sensitive data exposure for all of the APIs that have been discovered.
NetWitness XDR helps analysts detect known and unknown attacks
NetWitness XDR detects intrusions as they happen, using real-time visibility into network traffic across internal, internet-bound, virtual infrastructure and cloud computing environments, paired with deep, process-level endpoint visibility. Once an attack is detected, a prioritized and automated response enables an effective defense.
SafeBreach Studio enables security teams to automate and scale red-team exercises
SafeBreach announced SafeBreach Studio, a no-code red-team automation platform security teams of all skill levels can use to create, customize and execute sophisticated attack scenarios that replicate real-world adversary behavior.
Living Security Unify Insights allows organizations to identify human behavior risks
Unify Insights gives security leaders the ability to observe employees’ behaviors over time, identify those that present the most risk, and take targeted actions to address those threats, all while being able to measure and report on risk changes with other executives across the organization and with the Board.
Elastic Security for Cloud expands visibility and protection of cloud-native environments
Elastic Security for Cloud expands the capabilities of Elastic Security by bringing together the ability to enforce security posture for cloud-native and hybrid environments with infrastructure detection and response (IDR) to give customers deep visibility into cloud workloads and perform expert prevention, detection and response.
Swimlane Turbine extends visibility and response for security teams
Swimlane Turbine is a low-code security automation platform that captures hard-to-reach telemetry and expands actionability beyond the closed extended detection and response (XDR) ecosystem. Turbine analyzes incident data in real-time so that analysts can instantly execute an array of actions specific to the case.
Lumu Incident View empowers security teams to prioritize incidents based on the progression of attacks
Lumu’s Incident View shows operators everything they need to know in one place for precise response. Teams receive actionable information about who was impacted, when the incident took place and how best to respond before it escalates to a bigger problem.
Splunk announces platform updates to address the complexities of multi-cloud and hybrid environments
New enhancements to Splunk Cloud Platform and the general availability of Splunk Enterprise 9.0 empowers customers to make business decisions on full fidelity data, act faster on data insights, and customize how those insights are operationalized across their organization in the hybrid cloud.
Incognia Location-based Liveness Spoofing Detection identifies fraudulent attempts to fake liveness
The Incognia Location-based Liveness Spoofing Detection solution module goes beyond traditional biometric systems and addresses the device integrity and also the device location to accurately determine risk whenever a user performs a selfie and submits a biometric proof of liveness.
Black Kite FocusTags allows users to track high-profile cyber events
Black Kite’s platform was built to provide full visibility into a vendor’s cyber position, using the same open-source intelligence tools and techniques hackers use (data collectors, crawlers, honeypots, etc.) to continuously collect information from internet-wide scanner databases, reputation sites, cyber events, hacker shares, and known vulnerability databases.
Optiv MXDR enhances detection and response with expanded cloud integration
Optiv announced the expansion of its Managed XDR (MXDR) offering to ease clients’ burden of safeguarding critical data, applications and systems in the cloud (public or multi-cloud) in near real-time.
Feroot DomainGuard reduces risk associated with client-side attacks
Designed for organizations that wish to control their client-side attack surface by deploying and managing CSP on their web applications, DomainGuard identifies all first- and third-party scripts, digital assets and the data they can access. It then generates appropriate CSP on crawled data and anticipated effectiveness while also allowing customers to fine tune CSP at the domain level for easy management, version control and reporting.
Arcserve N Series appliances allow organizations to protect their digital assets
Arcserve N Series hyper-converged data protection appliances combine orchestrated recovery using Arcserve UDP, the flexible scale-out design of Nutanix, and ransomware protection of the backup system with Sophos Intercept X Advanced cybersecurity.
ComplyCube’s face authentication combats fake signups and synthetic identities
ComplyCube’s enrolled faces capability removes the need for a manual process by checking at scale for duplicate faces used at onboarding. So, a customer creating multiple accounts will be caught even if different personal information is used.
Cavelo unveils platform enhancements to minimize data exposure for midsized businesses
Cavelo announced the release of digital asset discovery, tracking, data access, vulnerability and risk reporting enhancements to help businesses discover sensitive data, minimize data exposure and support attack surface management initiatives.
Hillstone Networks ZTNA solution provides organizations with control over their network access
Hillstone’s ZTNA solution takes a zero-trust philosophy and applies it to network infrastructure protection. It works on the concept of least privilege and provides a fine-grained, sophisticated approach to avoid unnecessary application exposure.
Fusion Risk Management announces new capabilities to improve incident response for organizations
By providing a dynamic approach to incident response, Fusion’s new functionalities enable organizations to understand the full impact of disruption and engage teams, critical partners, and response automation in response and recovery efforts. Organizations now have the power to protect important services and products by resolving incidents faster and preventing future occurrences.
RangeForce platform updates enable users to conduct offensive and defensive attack scenarios
RangeForce announced it has enhanced its team threat exercises platform with new capabilities that make it easier for organizations to accelerate the skills development of their security teams through multi-user detection and response exercises of emulated attacks.
G-Core Labs’ stand-alone solution offers protection against SYN Flood DDoS attacks
To provide its customers with better protection against SYN Flood DDoS attacks, G-Core Labs, in cooperation with Intel, have developed a stand-alone solution based on 3rd generation Intel Xeon Scalable processors. This new type of solution removes the need for a dedicated DDoS protection server and evenly distributes volumetric attacks across CDN servers, decreasing the performance requirements for every individual CDN node.
Rafay Systems Paralus helps users achieve secure access to Kubernetes clusters
Paralus offers access management for developers, architects, and CI/CD tools to remote K8s clusters by consolidating zero-trust access principles such as transaction level authentication and authorization into a single open-source tool.