Home > News > Latest > Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software

Cloud Security

Prisma Cloud Delivers Context-Aware Software Composition Analysis to Secure Deployment of Open Source Software

Palo Alto Network
Open source software is a critical component of cloud-native applications, allowing developers greater speed and modularity without having to reinvent the wheel each time they code. However, as the Unit 42 Cloud Threat Report, 2H 2021 found, open source software can often contain known vulnerabilities, which can open organizations up to significant risk. Palo Alto Networks (NASDAQ: PANW), the global cybersecurity leader, today introduced the industry's first context-aware software composition analysis (SCA) solution to help developers safely use open source software components. The integration of SCA into Prisma® Cloud further demonstrates why Palo Alto Networks is the leading provider of cloud-native security.

Traditional SCA solutions are standalone products that can produce a large number of alerts but lack the runtime context to help fix vulnerabilities. With the addition of SCA to the Prisma Cloud platform, developers and security teams can proactively surface and prioritize known vulnerabilities that impact the application lifecycle (i.e., code, build, deploy and run). Prisma Cloud SCA delivers deep dependency detection and remediation of vulnerabilities in open source software before applications reach production. It can also help developers prioritize remediation based on software components that are already in use. These capabilities are not possible when SCA solutions are deployed as single point products.

"Developers leveraging open source software should be able to build applications with the confidence they aren't opening the organization up to risk, With the average application consisting of 75% open source components, SCA on Prisma Cloud is key to protecting the organization from code to cloud and empowering developers to build with speed."

Ankur Shah, senior vice president, Prisma Cloud, Palo Alto Networks

As a complete cloud-native application protection platform (CNAPP), Prisma Cloud is context-aware at every stage of the application lifecycle to provide a unified view of risk across organizations' cloud environments. Where current approaches to cloud security rely on siloed products that provide intermittent visibility without remediation, Prisma Cloud approaches cloud security with a comprehensive, prevention-first framework. With 188% increase in cloud incident response cases over the past three years, this shift in approach has become mandatory.

A complete code-to cloud CNAPP needs to incorporate the following five key principles in order to keep organizations safe:
  • Security from code to cloud — protects applications at every stage of the development lifecycle — from code, build, deploy and run.
  • Continuous, real time visibility — uses real-time and contextual security analysis of cloud environments to help prevent misconfigurations, vulnerabilities and threats.
  • Prevention-first protection — stopping attacks and defending against zero-day vulnerabilities to drive down mean time to remediation.
  • Choice for every cloud journey — aligning security needs with current and future cloud priorities by supporting a breadth of cloud service providers, workload architectures, continuous integration and continuous delivery (CI/CD) pipelines, integrated development environments (IDEs), and repositories with a unified platform
  • Cloud scale security — consistently secures applications as cloud environments scale.

In addition to SCA and to further increase the safety of cloud-native applications, Prisma Cloud introduced a software bill of materials (SBOM) among other capabilities for developers to easily maintain and reference a complete codebase inventory of every application component used across cloud environments. Implementing SCA and SBOM ensures Prisma Cloud aligns with these principles.

"Buyers looking for cloud-native security solutions need to keep the requirements of microservices security protection in mind. The 'bolted-on' and 'whack-a-mole' approaches are a thing of the past," said Frank Dickson, program vice president, Security and Trust at IDC. "Security should be embedded throughout the application development life cycle. This means that buyers need to fundamentally change their approach to security, although they need to continue to protect their run-time environments, they must also embrace solutions that embed security in the application development process, an approach referred to as 'shift left.' Shift left requires one to think less about security products and more about continuous security processes."

About Palo Alto Networks
Palo Alto Networks is the world's cybersecurity leader. We innovate to outpace cyberthreats, so organizations can embrace technology with confidence. We provide next-gen cybersecurity to thousands of customers globally, across all sectors. Our best-in-class cybersecurity platforms and services are backed by industry-leading threat intelligence and strengthened by state-of-the-art automation. Whether deploying our products to enable the Zero Trust Enterprise, responding to a security incident, or partnering to deliver better security outcomes through a world-class partner ecosystem, we're committed to helping ensure each day is safer than the one before. It's what makes us the cybersecurity partner of choice.

Spotlight


Other News
Cloud Deployment Models

Mirantis’ Lens AppIQ: Upgrading Kubernetes Application Management

Mirantis | September 22, 2023

Mirantis has introduced Lens AppIQ, a new tool designed to simplify Kubernetes application management. Available directly to the 50,000 organizations using Lens, Lens AppIQ offers application intelligence, making it accessible for non-Kubernetes specialists to oversee applications across multiple clusters. Lens AppIQ aggregates information from various configuration files and sources, presenting it in a user-friendly tabbed display. This feature allows cloud-native developers to streamline the deployment and management of Kubernetes applications, offering web-based tools for viewing application details, configuring security measures, and automating deployment processes. With a quick launch time of under a minute, Lens AppIQ swiftly identifies applications in connected clusters and maps their components. Developers can access application architecture, metadata, logs, events, and more through Lens Desktop’s new 'Applications' view or the Lens AppIQ web portal, simplifying debugging, accelerating code releases, and enhancing performance optimization. DevOps professionals, platform engineers, and operators can utilize Lens AppIQ to define, monitor, and enforce policies related to application performance, security, and compliance. Automation features in Lens AppIQ facilitate repeatable deployments and enable effortless application migration to new Kubernetes environments. Miska Kaipiainen, Vice President of Engineering at Mirantis, reportedly stated, While Lens Desktop already provides an incredibly user-friendly experience for Kubernetes management, we understand that cloud-native development doesn't end there. That's why we've created Lens AppIQ. Lens AppIQ complements Lens Desktop by offering real-time intelligence and additional insights into the apps running on your Kubernetes clusters. This not only makes debugging, operation, and security easier but also opens up Kubernetes to a broader audience of developers who can benefit from streamlined processes without having to become Kubernetes experts. [Source – Businesswire] Lens AppIQ is available for free for small-scale and trial use, accommodating up to 10 nodes, two clusters, and two users. A Pro plan is available for larger-scale use, supporting up to 100 nodes, 10 clusters, and 50 users, priced at $35 per node monthly, inclusive of 8 hours/5-day business hours support. Enterprises can opt for a bespoke version with 24/7 support and custom pricing. Lens AppIQ is accessible within Lens Desktop for the 50,000 organizations currently using Lens and is also available as a Software as a Service (SaaS) solution. About Lens With over 1 million users worldwide, Lens Desktop is a leading tool for boosting productivity in Kubernetes application development and management. This desktop application breaks down barriers for newcomers to Kubernetes while significantly enhancing the efficiency of experienced users. Lens supports all certified Kubernetes distributions on any infrastructure and seamlessly runs on Linux, macOS, and Windows. As the world's largest and most advanced Kubernetes platform, it provides real-time workload management, development, debugging, monitoring, and troubleshooting across multiple clusters. Built on open-source principles, Lens enjoys a strong community with over 20,000 stars on GitHub. About Mirantis Mirantis is a leading company streamlining code delivery on public and private clouds with a ZeroOps approach to Kubernetes. It serves global enterprises, enhancing developer productivity and offering secure cloud solutions. Its clients include Adobe, DocuSign, PayPal, and others across diverse industries. Mirantis contributes to open-source projects like Lens and Kubernetes, empowering businesses to tackle complex challenges.

Read More

Cloud Security

Tenable Acquires Ermetic to Boost Cloud Security with CNAPP and CIEM

Tenable | September 11, 2023

Tenable Holdings, Inc. is strengthening its focus on cloud security through the acquisition of Ermetic Ltd., a cloud-native application protection platform (CNAPP) company specializing in cloud infrastructure entitlement management (CIEM). This strategic move aims to enhance Tenable's Exposure Management Platform by providing improved risk visibility, prioritization, and remediation solutions for both cloud and on-premises environments. Ermetic's CNAPP offers comprehensive contextual analysis, simplifying the identification of critical issues like privileged access to exposed, vulnerable workloads. The integration of Ermetic's capabilities into Tenable One will broaden Tenable's offerings for hybrid environments, addressing the complex challenge of managing identity-based threats in the cloud. According to the Cloud Security Alliance's 2022 Top Cloud Threats report, identity-based threats are a top concern in cloud security. Tenable's acquisition of Ermetic seeks to simplify the process of understanding access risks and permissions in the cloud, making it more accessible for security professionals with varying levels of expertise. “We will have an opportunity to put additional market-leading cloud security capabilities into the hands of tens of thousands of customers,” said Amit Yoran, Chairman and Chief Executive Officer, Tenable. “Together, we will be able to deliver a holistic view of the modern attack surface and help organizations reduce exposure and risk, using identity as an essential foundation,” he further added. [Source: Globe News Wire] The combined offerings of Tenable and Ermetic will include a unified CNAPP solution for asset discovery, risk analysis, remediation, and compliance, as well as a robust CIEM solution for managing human and service identities in cloud infrastructure. The integration will provide context-aware risk prioritization across all cloud and on-premises resources and simplify the remediation process. The acquisition, valued at approximately $240 million in cash and $25 million in restricted stock and RSUs, is expected to close in early Q4 2023. Tenable will finance the cash portion of the acquisition using existing funds. However, Ermetic's financial results in Q4 2023 are not anticipated to significantly impact revenue or billings but are expected to increase non-GAAP operating expenses by $4–6 million. The combination of Tenable and Ermetic is poised to offer unparalleled visibility and value in managing cloud environments, simplifying the complexity of cloud security management. About Tenable Tenable is a prominent player in the computer and network security industry, headquartered in Columbia, MD. With a global footprint, the company serves approximately 40,000 organizations worldwide, including Fortune 500 giants, Global 2000 firms, and government agencies. Leveraging its renowned Nessus vulnerability expertise, Tenable offers a pioneering platform for comprehensively securing digital assets across various computing platforms. Its specialties encompass vulnerability management, continuous network monitoring, compliance, and a range of security solutions for web applications, containers, the cloud, industrial technology, IoT, and more.

Read More

Cloud Security

Lacework Announces Enterprise Multicloud Platform Updates

PR Newswire | October 25, 2023

Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates. Expanded Enterprise Multicloud Support Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations. We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration. Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment. "My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches." In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances. To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks. Operationalized Risk Management with ServiceNow and Jira Integrations It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities. "With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently." Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview. About Lacework Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.

Read More

Cloud App Development

LogRhythm Unveils Major Advancements to Cloud-Native SIEM Platform, LogRhythm Axon

Business Wire | October 04, 2023

LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced its 6th consecutive quarterly release and the one-year anniversary of its groundbreaking cloud-native SaaS SIEM platform, LogRhythm Axon. This quarterly release introduces significant enhancements and expansion to Axon and the full suite of LogRhythm solutions, underscoring the company's commitment to continuous innovation in the global cybersecurity landscape. "In a dynamic and ever-evolving cybersecurity landscape, LogRhythm is obsessed with delivering value our customers care about,” said Chris O’Malley, CEO of LogRhythm. “As we celebrate the one-year anniversary of Axon's launch, customer satisfaction is our first priority, guiding every decision we make. We believe that by driving continuous improvements in innovation delivery rooted in well understood customer needs, we can empower our product users to navigate the complex world of cybersecurity with confidence and efficiency." SOC Efficiency and Streamlined Analyst Workflows LogRhythm’s latest Axon release rounds out the ability to seamlessly detect, investigate, and respond to potential threats within a security operations center. With the foundation of incident response, security teams can now leverage Axon to automate team workflows through case management. Case management enables analysts to automatically create cases that enable investigative workflows to track responses to threats, thus mitigating duplication of efforts and optimizing threat mitigation strategies. In addition, Axon’s new Signal Replay feature enables SOC teams to test analytics rules to ensure detections are optimized for their environment. Continuing the effort to advance SOC efficiency, LogRhythm SIEM now provides seamless integration of log source onboarding through centralized management. This enhanced SIEM capability eliminates the need for administrators to navigate several servers and UIs to complete onboarding, thereby streamlining workflows through a single interface, increasing productivity, and reducing the administrative process in half. Bridging the Skills Gap LogRhythm continues to address the industry-wide skills gap by providing features that enhance the productivity and onboarding processes for security analysts. The new in-product resource centers for both LogRhythm SIEM and LogRhythm Axon equip security teams with tools they need to quickly understand how to best utilize the platforms and realize a faster time to value. This comprehensive resource hub provides quick access to tutorials, documentation, release information, and the LogRhythm Community for support from the security community. LogRhythm Expands Cloud-Native SIEM Platform to APAC LogRhythm is also pleased to announce the successful expansion of their LogRhythm Axon SIEM platform to the APAC region. With a new instance in Australia, LogRhythm Axon’s cloud-native SIEM will be available to provide customers with a flexible solution to strengthen security operations and ensure comprehensive protection. In partnership with Seamless Intelligence, LogRhythm’s partner of the year in Australia, a managed services layer will also be available for LogRhythm Axon customers. “LogRhythm Axon significantly advances what customers can and should expect from a cloud-native SaaS SIEM platform. We’ve been impressed with its platform design and architecture, as well as the continuous pace of innovation,” said Chris Bolan, Managing Director of Seamless Intelligence. “Our Axon managed services are being developed to take advantage of the platform’s capabilities and to provide our clients with the world-class cybersecurity solution and services needed to keep their organizations safe.” Additional enhancements with LogRhythm SIEM, LogRhythm NDR and LogRhythm Axon solutions released in this quarterly rollout include: LogRhythm Axon: User anomaly detection for improbable travel allows protection against abnormal access attempts into an organization's environment. New case management feature automates incident response and investigative workflows, helping SOC teams delegate resources, prioritize their work and improve efficiency. Cases and email notifications can be automatically created or sent when an analytic rule is triggered, indicating an event requires immediate attention. Ability to search common events allows analysts to find relevant security events across different vendors’ log sources without having prior knowledge of the underlying log structure. New signal replay enhances threat detection development process by allowing testing for analytics rules to ensure they are fine-tuned and optimized for their environment. LogRhythm SIEM: Streamlined onboarding of Beats and Open Collectors, a collection of LogRhythm services that gather and normalize data from various cloud providers, in a single location to cut the workflow in half. Enhanced API log source onboarding for easier management of Open Collectors and Beats. Expanded library of supported log sources and parsing for improved correlation and analysis. In-product Resource Center for access to tutorials, announcements, docs, and support. LogRhythm NDR: IP Behind Load Balancer Tracking for faster triage capabilities when responding to incidents. Enhanced model output contextualization to empower quicker action to threats as relevant information is readily available. In addition to LogRhythm's commitment to innovation and seamless cybersecurity solutions, Novacoast has also emerged as the first Axon services provider for LogRhythm's customer base. Novacoast's expertise in delivering innovative cybersecurity services adds a new layer of value to the already impressive suite of LogRhythm Axon capabilities. “This strategic partnership reflects the platform's efficacy and flexibility in enhancing security programs across diverse environments,” said Jonathan Poon, CISO at Novacoast. “As LogRhythm continues to adapt its Axon offerings to address customer requirements, we are proud to be part of this evolution, propelling the cybersecurity landscape forward. Together, we are addressing industry needs and setting the standard for security services.” About LogRhythm LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.

Read More

Cloud Deployment Models

Mirantis’ Lens AppIQ: Upgrading Kubernetes Application Management

Mirantis | September 22, 2023

Mirantis has introduced Lens AppIQ, a new tool designed to simplify Kubernetes application management. Available directly to the 50,000 organizations using Lens, Lens AppIQ offers application intelligence, making it accessible for non-Kubernetes specialists to oversee applications across multiple clusters. Lens AppIQ aggregates information from various configuration files and sources, presenting it in a user-friendly tabbed display. This feature allows cloud-native developers to streamline the deployment and management of Kubernetes applications, offering web-based tools for viewing application details, configuring security measures, and automating deployment processes. With a quick launch time of under a minute, Lens AppIQ swiftly identifies applications in connected clusters and maps their components. Developers can access application architecture, metadata, logs, events, and more through Lens Desktop’s new 'Applications' view or the Lens AppIQ web portal, simplifying debugging, accelerating code releases, and enhancing performance optimization. DevOps professionals, platform engineers, and operators can utilize Lens AppIQ to define, monitor, and enforce policies related to application performance, security, and compliance. Automation features in Lens AppIQ facilitate repeatable deployments and enable effortless application migration to new Kubernetes environments. Miska Kaipiainen, Vice President of Engineering at Mirantis, reportedly stated, While Lens Desktop already provides an incredibly user-friendly experience for Kubernetes management, we understand that cloud-native development doesn't end there. That's why we've created Lens AppIQ. Lens AppIQ complements Lens Desktop by offering real-time intelligence and additional insights into the apps running on your Kubernetes clusters. This not only makes debugging, operation, and security easier but also opens up Kubernetes to a broader audience of developers who can benefit from streamlined processes without having to become Kubernetes experts. [Source – Businesswire] Lens AppIQ is available for free for small-scale and trial use, accommodating up to 10 nodes, two clusters, and two users. A Pro plan is available for larger-scale use, supporting up to 100 nodes, 10 clusters, and 50 users, priced at $35 per node monthly, inclusive of 8 hours/5-day business hours support. Enterprises can opt for a bespoke version with 24/7 support and custom pricing. Lens AppIQ is accessible within Lens Desktop for the 50,000 organizations currently using Lens and is also available as a Software as a Service (SaaS) solution. About Lens With over 1 million users worldwide, Lens Desktop is a leading tool for boosting productivity in Kubernetes application development and management. This desktop application breaks down barriers for newcomers to Kubernetes while significantly enhancing the efficiency of experienced users. Lens supports all certified Kubernetes distributions on any infrastructure and seamlessly runs on Linux, macOS, and Windows. As the world's largest and most advanced Kubernetes platform, it provides real-time workload management, development, debugging, monitoring, and troubleshooting across multiple clusters. Built on open-source principles, Lens enjoys a strong community with over 20,000 stars on GitHub. About Mirantis Mirantis is a leading company streamlining code delivery on public and private clouds with a ZeroOps approach to Kubernetes. It serves global enterprises, enhancing developer productivity and offering secure cloud solutions. Its clients include Adobe, DocuSign, PayPal, and others across diverse industries. Mirantis contributes to open-source projects like Lens and Kubernetes, empowering businesses to tackle complex challenges.

Read More

Cloud Security

Tenable Acquires Ermetic to Boost Cloud Security with CNAPP and CIEM

Tenable | September 11, 2023

Tenable Holdings, Inc. is strengthening its focus on cloud security through the acquisition of Ermetic Ltd., a cloud-native application protection platform (CNAPP) company specializing in cloud infrastructure entitlement management (CIEM). This strategic move aims to enhance Tenable's Exposure Management Platform by providing improved risk visibility, prioritization, and remediation solutions for both cloud and on-premises environments. Ermetic's CNAPP offers comprehensive contextual analysis, simplifying the identification of critical issues like privileged access to exposed, vulnerable workloads. The integration of Ermetic's capabilities into Tenable One will broaden Tenable's offerings for hybrid environments, addressing the complex challenge of managing identity-based threats in the cloud. According to the Cloud Security Alliance's 2022 Top Cloud Threats report, identity-based threats are a top concern in cloud security. Tenable's acquisition of Ermetic seeks to simplify the process of understanding access risks and permissions in the cloud, making it more accessible for security professionals with varying levels of expertise. “We will have an opportunity to put additional market-leading cloud security capabilities into the hands of tens of thousands of customers,” said Amit Yoran, Chairman and Chief Executive Officer, Tenable. “Together, we will be able to deliver a holistic view of the modern attack surface and help organizations reduce exposure and risk, using identity as an essential foundation,” he further added. [Source: Globe News Wire] The combined offerings of Tenable and Ermetic will include a unified CNAPP solution for asset discovery, risk analysis, remediation, and compliance, as well as a robust CIEM solution for managing human and service identities in cloud infrastructure. The integration will provide context-aware risk prioritization across all cloud and on-premises resources and simplify the remediation process. The acquisition, valued at approximately $240 million in cash and $25 million in restricted stock and RSUs, is expected to close in early Q4 2023. Tenable will finance the cash portion of the acquisition using existing funds. However, Ermetic's financial results in Q4 2023 are not anticipated to significantly impact revenue or billings but are expected to increase non-GAAP operating expenses by $4–6 million. The combination of Tenable and Ermetic is poised to offer unparalleled visibility and value in managing cloud environments, simplifying the complexity of cloud security management. About Tenable Tenable is a prominent player in the computer and network security industry, headquartered in Columbia, MD. With a global footprint, the company serves approximately 40,000 organizations worldwide, including Fortune 500 giants, Global 2000 firms, and government agencies. Leveraging its renowned Nessus vulnerability expertise, Tenable offers a pioneering platform for comprehensively securing digital assets across various computing platforms. Its specialties encompass vulnerability management, continuous network monitoring, compliance, and a range of security solutions for web applications, containers, the cloud, industrial technology, IoT, and more.

Read More

Cloud Security

Lacework Announces Enterprise Multicloud Platform Updates

PR Newswire | October 25, 2023

Lacework, the data-driven cloud security company, today announced a series of updates that expand the platform's enterprise-grade capabilities to help customers do more in the cloud, securely. Lacework is extending its platform support to new cloud providers in order to give customers more choice as they secure their multicloud environments, adding integrations into leading project management tools to increase operational efficiency around risk management, and enhancing agentless workload scanning, among other updates. Expanded Enterprise Multicloud Support Enterprises implement multicloud strategies for various economic, technical, and legal reasons, and Lacework is committed to supporting its customers' cloud or clouds of choice. Lacework has extended cloud security posture management to Oracle Cloud Infrastructure (OCI), giving teams visibility into their OCI resources and their associated risks. Whether enterprises are using Amazon Web Services, Google Cloud, Azure, OCI or a combination, the unified Lacework platform gives them visibility from a single location, resulting in better context, better outcomes, and faster investigations. We are excited that Lacework has added support for Oracle Cloud Infrastructure. It gives us the opportunity to utilize Cloud Security Posture Management capabilities across our multicloud environment with a single platform, said Karen Prichard, Managing Director Group Security, Liberty Global. Our team can continue to reduce our risk and address our threats quicker with the added visibility and context provided by this new integration. Additionally, the Lacework platform is expanding its industry-leading attack path analysis to Google Cloud and Azure. Attack path analysis from Lacework allows security teams to see their cloud environment through the eyes of an attacker, identifying targets and mapping out how each threat could be exploited to breach a cloud environment. Now Lacework customers leveraging Google Cloud or Azure can gain attack path analysis that is bespoke to each cloud's unique environment. "My colleague already had the chance to identify configuration issues, it immediately flagged something we had to look at — giving us the opportunity to fix it," Simen Kildahl Eriksen, Security Engineer at Cognite, shares. "It provides an invaluable means of identifying potential configuration problems before they escalate into more significant security breaches." In the cloud, organizations routinely create and tear down services and containers quickly in order to meet changing demands. Whether testing-development or running batch jobs, ephemeral workloads and containers are opportunities for bad actors to gain access. It's important that security teams do not lose sight of these short-lived instances. To meet this growing need, Lacework agentless workload scanning has been upgraded to check customer workloads every five minutes for new instances. This granular visibility of what is running and its associated risk assures teams that they have comprehensive visibility into rapidly changing environments and gives confidence that short-lived instances are not falling through the security cracks. Operationalized Risk Management with ServiceNow and Jira Integrations It's not enough for an organization to have a list of vulnerabilities, they need to be able to quickly fix them. To enhance its industry-leading threat visibility tools, the Lacework platform now features integrations with ServiceNow and Jira that improve the process of mitigating vulnerabilities. Now, security and development teams have the premium vulnerability feeds with all the context Lacework is known for integrated into their ticketing system of choice. By connecting these systems to streamline response efforts, the appropriate teams can move faster when securing vulnerabilities. "With the rise of cloud adoption and migration, securing the enterprise has never been more important for organizations," said Deepak Kolingivadi, Head of Security Products at ServiceNow. "The Lacework integration with ServiceNow Vulnerability Response enables our enterprise customers to streamline their response processes by simplifying assignment, collaboration, and remediation of critical vulnerabilities. Using business context in ServiceNow, customers can detect and report the security posture of IT and application environments within the Now Platform. We look forward to continuing our partnership with Lacework and helping mutual customers address cybersecurity threats more quickly and efficiently." Lacework's integration with ServiceNow Vulnerability Response offerings for infrastructure and container applications is currently available in the ServiceNow marketplace. Lacework's integration to Security in Jira is in private preview. About Lacework Lacework keeps organizations secure in the cloud, allowing them to innovate faster with confidence. Cloud security requires a fundamentally new approach and the Lacework platform is designed to scale with the volume, variety, and velocity of cloud data across an organization's cloud environment: code, identities, containers, and multi-cloud infrastructure. Only Lacework provides Security and Development teams with a correlated and prioritized end-to-end view that pinpoints the largest risks and handful of security events that matter most. Learn more at www.lacework.com.

Read More

Cloud App Development

LogRhythm Unveils Major Advancements to Cloud-Native SIEM Platform, LogRhythm Axon

Business Wire | October 04, 2023

LogRhythm, the company helping security teams stop breaches by turning disconnected data and signals into trustworthy insights, today announced its 6th consecutive quarterly release and the one-year anniversary of its groundbreaking cloud-native SaaS SIEM platform, LogRhythm Axon. This quarterly release introduces significant enhancements and expansion to Axon and the full suite of LogRhythm solutions, underscoring the company's commitment to continuous innovation in the global cybersecurity landscape. "In a dynamic and ever-evolving cybersecurity landscape, LogRhythm is obsessed with delivering value our customers care about,” said Chris O’Malley, CEO of LogRhythm. “As we celebrate the one-year anniversary of Axon's launch, customer satisfaction is our first priority, guiding every decision we make. We believe that by driving continuous improvements in innovation delivery rooted in well understood customer needs, we can empower our product users to navigate the complex world of cybersecurity with confidence and efficiency." SOC Efficiency and Streamlined Analyst Workflows LogRhythm’s latest Axon release rounds out the ability to seamlessly detect, investigate, and respond to potential threats within a security operations center. With the foundation of incident response, security teams can now leverage Axon to automate team workflows through case management. Case management enables analysts to automatically create cases that enable investigative workflows to track responses to threats, thus mitigating duplication of efforts and optimizing threat mitigation strategies. In addition, Axon’s new Signal Replay feature enables SOC teams to test analytics rules to ensure detections are optimized for their environment. Continuing the effort to advance SOC efficiency, LogRhythm SIEM now provides seamless integration of log source onboarding through centralized management. This enhanced SIEM capability eliminates the need for administrators to navigate several servers and UIs to complete onboarding, thereby streamlining workflows through a single interface, increasing productivity, and reducing the administrative process in half. Bridging the Skills Gap LogRhythm continues to address the industry-wide skills gap by providing features that enhance the productivity and onboarding processes for security analysts. The new in-product resource centers for both LogRhythm SIEM and LogRhythm Axon equip security teams with tools they need to quickly understand how to best utilize the platforms and realize a faster time to value. This comprehensive resource hub provides quick access to tutorials, documentation, release information, and the LogRhythm Community for support from the security community. LogRhythm Expands Cloud-Native SIEM Platform to APAC LogRhythm is also pleased to announce the successful expansion of their LogRhythm Axon SIEM platform to the APAC region. With a new instance in Australia, LogRhythm Axon’s cloud-native SIEM will be available to provide customers with a flexible solution to strengthen security operations and ensure comprehensive protection. In partnership with Seamless Intelligence, LogRhythm’s partner of the year in Australia, a managed services layer will also be available for LogRhythm Axon customers. “LogRhythm Axon significantly advances what customers can and should expect from a cloud-native SaaS SIEM platform. We’ve been impressed with its platform design and architecture, as well as the continuous pace of innovation,” said Chris Bolan, Managing Director of Seamless Intelligence. “Our Axon managed services are being developed to take advantage of the platform’s capabilities and to provide our clients with the world-class cybersecurity solution and services needed to keep their organizations safe.” Additional enhancements with LogRhythm SIEM, LogRhythm NDR and LogRhythm Axon solutions released in this quarterly rollout include: LogRhythm Axon: User anomaly detection for improbable travel allows protection against abnormal access attempts into an organization's environment. New case management feature automates incident response and investigative workflows, helping SOC teams delegate resources, prioritize their work and improve efficiency. Cases and email notifications can be automatically created or sent when an analytic rule is triggered, indicating an event requires immediate attention. Ability to search common events allows analysts to find relevant security events across different vendors’ log sources without having prior knowledge of the underlying log structure. New signal replay enhances threat detection development process by allowing testing for analytics rules to ensure they are fine-tuned and optimized for their environment. LogRhythm SIEM: Streamlined onboarding of Beats and Open Collectors, a collection of LogRhythm services that gather and normalize data from various cloud providers, in a single location to cut the workflow in half. Enhanced API log source onboarding for easier management of Open Collectors and Beats. Expanded library of supported log sources and parsing for improved correlation and analysis. In-product Resource Center for access to tutorials, announcements, docs, and support. LogRhythm NDR: IP Behind Load Balancer Tracking for faster triage capabilities when responding to incidents. Enhanced model output contextualization to empower quicker action to threats as relevant information is readily available. In addition to LogRhythm's commitment to innovation and seamless cybersecurity solutions, Novacoast has also emerged as the first Axon services provider for LogRhythm's customer base. Novacoast's expertise in delivering innovative cybersecurity services adds a new layer of value to the already impressive suite of LogRhythm Axon capabilities. “This strategic partnership reflects the platform's efficacy and flexibility in enhancing security programs across diverse environments,” said Jonathan Poon, CISO at Novacoast. “As LogRhythm continues to adapt its Axon offerings to address customer requirements, we are proud to be part of this evolution, propelling the cybersecurity landscape forward. Together, we are addressing industry needs and setting the standard for security services.” About LogRhythm LogRhythm helps security teams stop breaches by turning disconnected data and signals into trustworthy insights. From connecting the dots across diverse log and threat intelligence sources to using sophisticated machine learning that spots suspicious anomalies in network traffic and user behavior, LogRhythm accurately pinpoints cyberthreats and empowers professionals to respond with speed and efficiency. With cloud-native and self-hosted deployment flexibility, out-of-the-box integrations, and advisory services, LogRhythm makes it easy to realize value quickly and adapt to an ever-evolving threat landscape. Together, LogRhythm and our customers confidently monitor, detect, investigate, and respond to cyberattacks. Learn more at logrhythm.com.

Read More

More Trending news

Spotlight

Resources

IDC on Cloud Benefits and Beyond

Whitepaper

Magic Quadrant for Application Performance Monitoring and Observability

Whitepaper

The Total Economic Impact of VMware SASE, Cost Savings and Business Benefits Enabled By SASE

Whitepaper

IDC on Cloud Benefits and Beyond

Whitepaper

Magic Quadrant for Application Performance Monitoring and Observability

Whitepaper

The Total Economic Impact of VMware SASE, Cost Savings and Business Benefits Enabled By SASE

Whitepaper