Tag Archive for: Eliminate

CrowdStrike Introduces CrowdStrike Asset Graph to Help Organizations Proactively Identify and Eliminate Blind Spots

/in


AUSTIN, Texas and RSA Conference 2022, SAN FRANCISCO – June 6, 2022 – CrowdStrike (Nasdaq: CRWD), a leader in cloud-delivered protection of endpoints, cloud workloads, identity and data, today introduced CrowdStrike Asset Graph, a new graph database powered by the CrowdStrike Security Cloud that provides IT and security leaders with a 360-degree view into all assets (both managed and unmanaged) alongside unprecedented visibility into their attack surface across devices, users, accounts, applications, cloud workloads, operational technology (OT) and more to simplify IT operations and stop breaches.

As organizations accelerate their digital transformation, they are expanding their attack surface exponentially. This has dramatically increased their risk exposure to adversaries who are discovering and exploiting these soft targets and vulnerabilities faster than IT and security teams can discover them. Visibility is one of the foundational principles of cybersecurity because you cannot secure and defend the assets you don’t know exist. This, in turn, creates a race between adversaries and companies’ IT and security teams to find these blind spots. According to a 2022 report from Enterprise Strategy Group (ESG), “69% of organizations have experienced a cyberattack in which the attack itself started through the exploit of an unknown, unmanaged, or poorly managed internet-facing asset.”

CrowdStrike Asset Graph solves this problem by dynamically monitoring and tracking the complex interactions between assets, providing a single holistic view of the risks those assets pose. While other solutions simply provide a list of assets without context, Asset Graph provides graphic visualizations of the relationships between all assets such as devices, users, accounts, applications, cloud workloads and OT, along with the rich context necessary for proper security hygiene and proactive security posture management to reduce risk in their organizations.

“Digital transformation has led to an equal and pronounced acceleration of security transformation in the modern enterprise. For companies furthest along on this journey, IT operations and security teams – once distinct silos – are…

Source…

Startup Virsec Systems says it can eliminate the need for most cybersecurity tools

/in


Having dwelt largely in the shadows for the past six years, cybersecurity startup Virsec Systems Inc. is now doing some flag-waving about its claim that it has developed a radical new approach to protection that can render most other security products unnecessary.

Led by a team of cybersecurity veterans, the company says it can detect attacks by understanding the intended behavior of software and identifying and blocking irregularities in a few milliseconds.

The company has been awarded 45 patents, filed for dozens more and boasts a large base of early enterprise-class customers in government, military, insurance, telecommunications and healthcare. Its board includes former EMC Corp. Chairman Mike Ruettgers, former Cisco Systems Inc. Chief Executive John Chambers and former CIA Director George Tenet.

CEO Dave Furneaux, whose more than 140 venture investments have focused heavily on the cyber realm, said the industry is stuck in a response and recovery cycle that is failing to stop the growing fusillade of cyberattacks. “It’s insanity to expect we should keep doing things in the same way,” he said. “The attacks still get through. Even if a vulnerability is known, there’s a lag time to remediate it, the job is manually intensive and it’s hard to hire people.”

Virsec comes at the problem by embedding a read-only application called AppMap into memory to provide what it calls deterministic protection. The software analyzes running code to learn what permutations the software can invoke and then monitors the full operating stack to detect deviations from intended outcomes and stop them instantly.

“We don’t touch the software, but we map at a very low level to understand its behavior,” Furneaux said, comparing the process to that of a GPS navigation system that understands a map and can navigate from point to point.

Do no harm

“It’s a do-no-harm implementation that does not affect performance,” said David Reilly, former chief information officer of Bank Of America Corp.’s global banking and markets division and an adviser to the company. “It works across static or dynamic environments. The mapping is so quick that it can handle containers, cloud…

Source…

As Mobile Security Challenges Mount, How Can CIOs and CISOs Eliminate Blind Spots?

/in

  1. As Mobile Security Challenges Mount, How Can CIOs and CISOs Eliminate Blind Spots?  Security Intelligence (blog)

    2. Full coverage

mobile security news – read more

Oxford and Cambridge in the race to eliminate passwords

/in

Cambridge University are working on a technology-oriented approach where multiple small devices create an “electronic aura”, enabling a main device to transmit a unique identification signal. Meanwhile a company spun out of an Oxford University programme is developing more biomechanical methods of recognising people based on the way they move, behave and interact with devices.
Naked Security – Sophos