Connect with us


Palo Alto Networks Delivers What’s Next in Security at Ignite ’21



Palo Alto Networks has showcased industry-first security innovations to help organizations protect a rapidly expanding attack surface. Before an audience of 26,000 at its Ignite ’21 conference, the cybersecurity leader unveiled breakthrough solutions, including Prisma Cloud 3.0, the first integrated platform to secure the full application lifecycle, and Next-Generation CASB (Cloud Access Security Broker), which raises the bar in SaaS security as organizations tackle exploding SaaS usage with hybrid work. Palo Alto Networks also announced the Cortex® eXtended Managed Detection and Response (XMDR) Partner Specialization, combining its pioneering Cortex XDR 3.0 solution with managed services offerings from more than 15 partners — to empower customers’ security operations.

“With the en masse shift to a hybrid workforce and rapid adoption of the cloud, the way work gets done has changed. SaaS collaboration apps are becoming key to a productive hybrid workforce, but SaaS security has not caught up. With the introduction of our Next-Generation CASB, we’re the first to recognize and embrace this shift — and solve for it,” said Lee Klarich, chief product officer, Palo Alto Networks. “At the same time, as applications are increasingly being developed and deployed in the cloud, Prisma Cloud 3.0 now secures the full cloud application lifecycle. Prisma Cloud continues to push the industry forward with this next evolution of cloud security.”

Palo Alto Networks Ignite ’21 announcements include:

Prisma Cloud 3.0: Integrated Platform Secures the Full Application Lifecycle
The industry’s first integrated platform to shift security left, Prisma Cloud 3.0 significantly improves organizations’ entire cloud security posture by reducing security risk at runtime. With a customer base that already includes 77% of the Fortune 100, the most complete Cloud-Native Application Protection Platform (CNAPP) now also offers organizations cloud code security to embed critical protections in the development process, agentless security to complement existing agent-based protection and Cloud Infrastructure Entitlement Management (CIEM) for Microsoft Azure.

Next-Generation CASB Helps Organizations Secure Soaring SaaS Usage
Announced today, Palo Alto Networks Next-Generation CASB raises the bar in SaaS security to accommodate today’s hybrid workplace. Developed to secure cloud applications, especially modern collaboration tools, that legacy SaaS security fails to protect, Next-Generation CASB helps organizations enable safe SaaS adoption by automatically securing new applications, accurately protecting sensitive data in real-time, and stopping known and unknown threats with best-in-class threat detection and prevention.

WildFire Advanced Malware Analysis: Available as a Standalone API for the New Digital Era
To meet the security needs of organizations interacting with customers in new ways online, Palo Alto Networks announced the availability of its WildFire cloud-based threat analysis as a standalone product. One of the largest advanced malware analysis solutions in the world, powered by crowd-sourced intelligence from over 80,000 customers, this new availability allows organizations to incorporate WildFire’s capabilities across a diverse set of use cases, including securing the online portals where end-users increasingly interact with businesses and governments — preventing them from becoming malware delivery vectors.

eXtended Managed Detection and Response (XMDR) Specialization Unleashes Cortex XDR to More Customers
Building on demand for Palo Alto Networks pioneering Cortex XDR 3.0 extended detection and response solution, the new Cortex XMDR Specialization enables MSSP partners to combine Cortex XDR with their managed service offerings — helping customers streamline security operations center (SOC) operations and quickly mitigate cyberthreats. With certification and training now tightly integrated with the new benefits of Cortex XDR 3.0, more than 15 organizations have already achieved Cortex XMDR Specialization status — including PwC, Orange Cyberdefense, CRITICALSTART, and Trustwave.

Unit 42 Doubles Down on Cloud Incident Response
Following a 188% increase in cloud cases over the past three years, Unit 42 announced it is doubling down on its Cloud Incident Response practice to provide an optimized approach for each stage of the cloud incident lifecycle, resulting in faster recovery for impacted organizations. Specialized cloud digital forensics and incident response teams made up of cloud experts use cutting-edge cloud security products like Cortex XDR, Cortex Xpanse, Prisma Cloud, and new DFIR methods designed for dynamic cloud incidents to quickly identify attack vectors, the extent of access, and at-risk data.

Expert Speak

Don’t Brush It Off – Plan Your Incident Response Now



In business, impermanence is the only certainty. An example is how organizations addressed the COVID-19 pandemic. Within a few weeks, many developed a plan to run their businesses remotely.

More than three-quarters of organizations worldwide don’t have an IT incident response plan in place because most believe they have little risk of becoming a cyberattack statistic. Unfortunately, that’s still likely to happen.

According to africanews, in the past year, Kenya has experienced a concerning rise in cyberattacks, with a remarkable 860 million incidents documented in 2022.

As wisely expressed by Benjamin Franklin, “By failing to prepare, you’re preparing to fail.” Let’s explore a strategic incident response plan for your organization.

Create a Backup
Business networks are complex and large, and oftentimes, a network outage results in financial and reputational repercussions, including disgruntled clients. It’s imperative to create a backup of critical data and systems that you can’t run your business without, and store it in a safe location. When the inevitable breach occurs, your business will be able to recover as quickly as possible.

Never Say Never
While a workforce continuity plan might seem unimportant and nonurgent, the pandemic prompted IT departments worldwide to quickly realize the importance of being able to rapidly change the way their organizations conducted business.

Here are a few steps to help you draft a business continuity plan to address the next disruption:

  • Form a team with representatives from each department and understand their workflow.
  • Identify critical business functions and find a way to prioritize them.
  • Assess the risks for every process in your organization and record them.
  • Develop a risk mitigation strategy to protect your critical business functions from those risks.
  • Document the entire procedure and keep it up to date.

Train Your Employees
A common hurdle with an incident response plan is ensuring that employees take the plan seriously. To deter the mindset that the plan is “less urgent,” educate employees about its importance and the repercussions that can result from cyber threats and cyber incidents. It’s vital to conduct regular training sessions to address hardware failures, software glitches, network outages, and security breaches so that you efficiently mitigate a cybersecurity incident.

What Doesn’t Kill You Makes You Stronger
Understand the points of failure in your previous incidents and find a way to rectify them. Single points of failure should be addressed by establishing a backup, not just in terms of network and systems but also in terms of staff allocation. Relying on a single person, especially when it comes to a critical network, is not a great idea. Delegate a second person to reach out and provide assistance in case of an incident.

While incident response might seem insignificant in the larger scheme of things, when a disaster hits, it could potentially devastate your business. Take some time to prioritize incident management and make it part of your organization’s culture by creating a backup, training your employees, drafting a workplace continuity plan, and learning from your past incidents. Learn more about IT incident management for your business.

Continue Reading

Cyber Security

ManageEngine Intros Enhanced SIEM with Dual-Layered System for Better Precision in Threat Detection



ManageEngine, the enterprise IT management division of Zoho Corporation, today unveiled the industry’s first dual-layered threat detection system in its security information and event management (SIEM) solution, Log360. The new feature, available in Log360’s threat detection, investigation and response (TDIR) component, Vigil IQ, empowers security operations centre (SOC) teams in organizations with improved accuracy and enhanced precision in threat detection.

A quality SOC ensures people, processes, and cutting-edge technology function well. However, enterprise security is made difficult by staffing shortages and solution orchestration complexities. Following recent upgrades to the security analytics module of Log360 designed to facilitate SOC optimization through key performance metric monitoring, the company has focused on addressing pressing challenges in security operations.

“In a recent ManageEngine study, a majority of respondents revealed that their SOCs are understaffed. These resource-constrained SOCs grapple with significant obstacles, such as process silos and manual investigation of alerts, which are often non-threats, low-priority issues or false positives. These lead to extended detection and response times for actual threats. To overcome these challenges, we recognize the imperative adoption of AI & ML for contextual event enrichment and rewiring threat detection logic,” said Manikandan Thangaraj, vice president at ManageEngine.

“We pioneered a dual-layered, ML approach to heighten the precision and consistency of threat detection. First, Vigil IQ ensures genuine threats are discerned from false positives. Second, the system facilitates targeted threat identification and response. This advanced system significantly improves the accuracy of identifying threats, streamlining the detection process and allowing SOC analysts to focus their valuable time on investigating real threats.”

Key Features of the Dual-Layered Threat Detection System of Vigil IQ in Log360:
Smart Alerts: Vigil IQ, the TDIR module of Log360, now combines the power of both accuracy and precision in threat detection. With its dynamic learning capability, Vigil IQ adapts to the changing nature of network behaviour to cover more threat instances accurately. It will spot threats that get overlooked due to manual threshold settings, thereby improving the detection system’s reliability.

Proactive Predictive Analytics: Leveraging predictive analytics based on historical data patterns, Vigil IQ predicts potential security threats, facilitating the implementation of proactive measures before incidents occur. This predictive intelligence drastically reduces the mean time to detect (MTTD) threats.

Contextual Intelligence: Vigil IQ enriches alerts with deep contextual information, providing security analysts with comprehensive threat insights. This enrichment of alerts with non-event context accelerates the mean time to respond (MTTR) by delivering pertinent, precise information.

Continue Reading


Proofpoint Appoints Sumit Dhawan as Chief Executive Officer



Proofpoint has announced that Sumit Dhawan has been appointed chief executive officer, effective immediately. Rémi Thomas, Proofpoint’s chief financial officer, who has been acting as Proofpoint’s interim CEO since October 25th, will continue to serve as the company’s CFO. “The Proofpoint board of directors could not be more excited to partner with Sumit as he joins Proofpoint to usher in a new stage of growth,” said Seth Boro, managing partner at Thoma Bravo. “Sumit brings a wealth of valuable experience and expertise in building category-leading, scaled companies and businesses. We are confident his customer-centric passion and strong legacy of leadership will continue to carry Proofpoint’s mission forward in providing people-centric cybersecurity solutions that address some of the most challenging risks facing organizations today.”

Dhawan is a highly respected and seasoned technology leader with a proven track record of building market-leading security, cloud, and end-user computing businesses. In his most recent role as president of VMware, Dhawan was responsible for driving over $13B of revenue and led the company’s go-to-market functions including worldwide sales, customer success and experience, strategic ecosystem, industry solutions, marketing, and communications. Before that, he was chief executive officer of Instart, a cybersecurity business delivering innovations in web application security services. He has held senior executive and general management roles at both VMware and Citrix and has successfully established category-leading businesses at scale.

“Over the years, Proofpoint has built an exceptional brand and is trusted by some of the world’s leading organizations as their cybersecurity partner of choice,” said Sumit Dhawan. “I’m honoured to join a leader at the forefront of cybersecurity innovation and to shepherd its continuing and unwavering commitment to helping organizations across the globe protect people and defend data.”

Proofpoint recently announced it has entered into a definitive agreement to acquire Tessian, a leader in the use of advanced AI to automatically detect and guard against both accidental data loss and evolving email threats. Tessian’s cloud-native, API-enabled inbound and outbound email protection solution will extend Proofpoint’s award-winning offering to address the most frequent form of data loss including, misdirected email and data exfiltration.

Continue Reading

Follow Us


Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.