Connect with us

News

Qualys Offers 30-Day Free Access to the Qualys Enterprise TruRisk Platform

Published

on

Qualys is offering free 30-day access to the Qualys Enterprise TruRisk Platform to aid organisations in efficiently discovering and classifying internet-facing and internal-facing assets and prioritising vulnerabilities for swift and safe remediation, aligning with the UK’s National Cyber Security Centre (NCSC) 5-7 days guidance. NCSC recently released guidance recommending patching vulnerabilities for internet-facing services and software within five days and non-external-facing vulnerabilities within seven days.

Hadi Jaafarawi, Managing Director for Middle East at Qualys

Many organisations find it challenging to accurately discover all their assets, specifically those that are internet-facing, efficiently measure and prioritise the risk, and then remediate it. Anonymised customer data from the Qualys Threat Research Unit (TRU) indicates the median time to remediate (MTTR) for the average organisation was 29 days. In contrast, the median time to weaponise (MTTW) was just seven days.

The free access to the Qualys Enterprise TruRisk Platform allows organisations to remediate issues in as little as 30 minutes and within seven days for full alignment. Incorporating Vulnerability Management Detection and Response (VMDR), CyberSecurity Asset Management, and Patch Management, the Qualys offering helps organisations to:

Identify External Assets: Accurately discover both internal and external assets within your environment and flag End of Life (EOL) and End of Support (EOS) software and devices.

  1. Conduct Efficient Risk-based Prioritisation: Vulnerabilities are prioritised by their TruRisk score and automatically mapped to necessary updates to simplify IT workflows for a customised NCSC risk and remediation view.
  2. Automate Patching: The gap between security and IT teams is closed with Qualys Patch Management. Qualys brings these groups together to safely prioritise and deploy patches automatically to help customers update by default within seven days.

“Given the rate at which adversaries are weaponising vulnerabilities, it is almost impossible for most organisations, with their complex infrastructures and patch workflows, to keep up,” said Hadi Jaafarawi, Managing Director – Middle East, Qualys. “By offering the Qualys Enterprise TruRisk Platform free for 30 days, organisations can avail of a solution that streamlines asset discovery, takes the guesswork out of understanding which vulnerabilities are the riskiest and helps with prioritisation, so they can mitigate risks quickly and efficiently to safeguard their businesses.”

News

Sophos Completes Secureworks Acquisition

Published

on

Sophos and Secureworks have announced the completion of Sophos’ acquisition of Secureworks. The all-cash transaction values Secureworks at approximately $859 million. With the completion of the acquisition, Secureworks’ common stock has ceased trading on Nasdaq. Thoma Bravo, a leading software investment firm, backs Sophos.

With this acquisition, Sophos is now the leading pure-play cybersecurity provider of Managed Detection and Response (MDR) services, supporting more than 28,000 organizations of all sizes worldwide. The combination will enable Sophos to deliver an unparalleled security operations platform, featuring hundreds of built-in integrations for adaptive protection, detection and response for mitigating cyberattacks. The open and scalable platform helps organizations, especially those with diverse IT estates, safeguard current and future technology investments, providing greater operational efficiencies and return on cybersecurity spend. Sophos X-Ops is also expanding its threat intelligence and security services capabilities by adding the Secureworks Counter Threat Unit and security operations and advisory teams.

As a channel-first cybersecurity provider, Sophos remains unwavering in its commitment to delivering cutting-edge security services and technologies that empower our global community of resellers, Managed Service Providers (MSPs) and Managed Security Services Providers (MSSPs). This includes expanding their reach, enhancing operational scalability and providing stronger defences to the countless organizations that need the ability to effectively defend against today’s constant and complex cyberattacks.

“The market is embracing MDR as a clear means to deliver positive cybersecurity outcomes, and this has meant rapid growth in the category,” said Joe Levy, CEO, Sophos. “Sophos is differentiated by our very mature competencies in ransomware detection, malware analysis and threat actor tradecraft. These defences are further augmented by Sophos’ native artificial intelligence (AI), first innovated by our globally peer-recogniwed AI team nearly a decade ago, and embedded in our MDR, endpoint, network, email, and cloud security to more effectively neutralize and stop threats. With the integration of Secureworks, our expanded services and product portfolio will provide even stronger end-to-end security solutions that will include identity threat detection and response (ITDR), next-gen SIEM and managed risk, all in a single open platform. We will also be able to further advance our AI, threat intelligence and attack research through more diverse and deeper global telemetry that is analyst-tuned for the real world. At every level, we are very excited about this next accelerated chapter for Sophos.”

In the near term, Sophos and Secureworks are operating business as usual, working with our respective channel partners, MSPs and MSSPs worldwide to distribute our existing security services and technology. Both companies’ sales and customer experience groups will operate to support existing customers, assist with renewals and develop current and new business opportunities. Sophos protects more than 600,000 customers worldwide with its portfolio of MDR, endpoint, network, email, and cloud security solutions that integrate and adapt to provide real-time defence through the Sophos Central platform.

Under the terms of the agreement, Sophos acquired Secureworks in an all-cash transaction valued at approximately $859 million. Secureworks shareholders, including Dell Technologies, will receive $8.50 per share in cash. This represents a 28% premium to the unaffected 90-day volume-weighted average price (VWAP). Kirkland & Ellis LLP acted as legal counsel to Sophos, Goldman Sachs & Co. LLC., Barclays, BofA Securities, HSBC Securities (USA) Inc., and UBS Investment Bank acted as financial advisors and provided debt financing for the transaction. Piper Sandler & Company and Morgan Stanley & Co. LLC acted as financial advisors to Secureworks, and Paul, Weiss, Rifkind, Wharton & Garrison LLP acted as legal counsel.

Continue Reading

Artificial Intelligence

DeepSeek Popularity Exploited in Latest PyPI Attack

Published

on

The Supply Chain Security team at Positive Technologies’ Expert Security Center (PT ESC) discovered and neutralised a malicious campaign in the Python Package Index (PyPI) repository. This attack was aimed at developers, ML engineers, and anyone seeking to integrate DeepSeek into their projects.

The attacker’s account, created in June 2023, remained dormant until January 29, when the malicious packages deepseeek and deepseekai were registered. Once installed, these packages would register console commands. When these commands were executed, the packages began stealing sensitive user data, including information about their computers and environment variables often containing database credentials and access keys to various infrastructure resources. The attackers used Pipedream, a popular developer integration platform, as their command-and-control server to receive the stolen information.

Stanislav Rakovsky, Head of Supply Chain Security at PT ESC, explained, “Cybercriminals are always looking for the next big thing to exploit, and DeepSeek’s popularity made it a prime target. What’s particularly interesting is that the malicious code appears to have been generated with the help of an AI assistant, based on comments within the code itself. The malicious packages were uploaded to the popular repository on the evening of January 29.”

Given the heightened interest in DeepSeek, this attack could have resulted in numerous victims if the malicious activity had gone unnoticed for longer. Experts at Positive Technologies strongly recommend being more attentive to new and unknown packages.

Continue Reading

Artificial Intelligence

SentinelOne to Spotlight AI-Driven Cybersecurity at LEAP 2025

Published

on

SentinelOne has announced its participation at LEAP 2025, alongside its distributor, AlJammaz Technologies. The company will showcase its AI-powered cybersecurity solutions including advanced EDR, XDR, and ITDR solutions designed to deliver autonomous protection against evolving cyber threats.

SentinelOne’s solutions align with the Kingdom’s strategic priorities by offering proactive AI-driven protection for critical infrastructure, enterprises, and government entities. The company’s Singularity platform, known for its real-time, AI-driven threat detection, response, and prevention, will be at the centre of its presence at the exhibition. The platform enables enterprises to protect their endpoints, cloud environments, and identity layers, allowing them to innovate confidently amidst evolving cyber threats.

Speaking on their participation, Meriam ElOuazzani, Senior Regional Director, META at SentinelOne, said, “Cybersecurity remains central to progress with Saudi Vision 2030’s digital leadership and economic goals, and our solutions empower businesses to outpace evolving threats and fuel growth. By participating at LEAP, we aim to engage with key stakeholders in the tech ecosystem, explore new partnerships, and demonstrate how our solutions are reshaping workforce capabilities and the future of digital resilience.”

SentinelOne’s AI strategy focuses on delivering autonomous, real-time protection by leveraging machine learning and behavioural AI. This ensures businesses can detect, mitigate, and remediate cyberattacks faster and more effectively than traditional solutions. Senior executives from SentinelOne will be onsite at the AlJammaz Executive Lounge in Hall 1 to share insights on AI-driven security strategies and the future of autonomous cybersecurity. Visitors can also experience live demonstrations of the Singularity platform.

Continue Reading
Advertisement

Follow Us

Trending

Copyright © 2021 Security Review Magazine. Rysha Media LLC. All Rights Reserved.