New infosec products of the week: November 18, 2016
ThreatQuotient delivers threat intelligence platform for threat operations and management
ThreatQ v2 has transformed the threat intelligence platform into a powerful foundation for cyber threat operations and management. With ThreatQ v2 customers can improve situational understanding, accelerate detection and response, and increase threat operations efficiency through greater team collaboration.
Acunetix 11 integrates vulnerability management
New integrated vulnerability management features allow for the review of aggregated vulnerability data across all Targets, prioritizing security risks and therefore providing a clear view of the business’ security posture, while facilitating compliance. The user interface has been re-engineered from the ground up for greater usability and manageability. The minimalist design focuses on the most widely used and important features, doing away with extras which cluttered the screen.
CipherCloud introduces advanced data protection for SAP SuccessFactors solutions
Built on CipherCloud’s Cloud Access Security Broker (CASB) platform, the new capabilities help deliver advanced encryption and customer-controlled key management, enabling enterprises to retain full control over sensitive data and meet complex global data privacy requirements as they move to the SAP SuccessFactors HCM Suite in the cloud.
BitSight introduces portfolio thresholds and analytics
BitSight released new Security Ratings Platform enhancements, which enable organizations to gain actionable insights into the aggregate cybersecurity risk of their vendors. The BitSight Portfolio Quality Dashboard provides thresholds, alerts and notifications, and analysis around vendor risk, allowing users to identify and monitor trends and shifts in the cybersecurity posture of their entire vendor ecosystem, as well as compare their aggregate risk against a broader universe of companies.
CyberArk adds credential theft blocking to expand privilege protection at the endpoint
CyberArk announced new behavioral analytics to block and contain advanced threats targeting credential theft at the endpoint. CyberArk Viewfinity, with enhanced threat protection features, is now available as CyberArk Endpoint Privilege Manager. This product protects against advanced threats that exploit privileged credentials by interlocking three core capabilities: privilege management, application control and new targeted credential theft detection and blocking to stop and contain damaging attacks at the endpoint.
Gurucul Risk Analytics now features hybrid behavior analytics models
Gurucul has added hybrid behavior analytics models to its Gurucul Risk Analytics platform which can detect unknown security threats and identity access risks that span both cloud and on-premises environments. The company also introduced hybrid DLP behavior models that use data sources from both infrastructures to identify and prevent data exfiltration. This latest addition to the company’s machine learning model library provides 360-degree visibility and risk-scoring of identities, accounts, access and activity in today’s borderless architectures.
Threat Stack unveils Cloud Security Platform operational workflow enhancements
Threat Stack announced new features to its Cloud Security Platform to enable easy customization and decrease total time to detection for security and operations teams. The updates to the platform streamline workflows in three areas: host intrusion detection rules management; management of servers protected by Threat Stack; and software vulnerability assessment and management. These enhancements reduce the time investment needed to keep scaling cloud environments secure.
Lookout launches breach report and identity protection
Lookout now provides actionable breach alerts and identity protection to help individuals keep personal data, such as financial information and social security numbers, safe from digital and physical theft. Breach Report provides individuals with timely alerts when a company, app, or service they may use suffers a data breach that could impact personal security, privacy, and financial resources.
Cybric releases Continuous Security-as-a-Service platform
Cybric announced the launch of its Continuous Security-as-a-Service platform, the first to make DevSecOps a reality by integrating application security testing into the Continuous Integration / Continuous Deployment (CI/CD) pipeline without impacting the productivity and speed of development teams. The release comes one month after Cybric closed $6.3 million in seed funding to launch this fully developed SaaS platform solution to the global marketplace.
Cloud Security Alliance launches crowdfunded cloud security management solution
The Cloud Security Alliance launched its new STARWatch application, a SaaS application designed to help organizations manage compliance with CSA requirements. STARWatch delivers the content of CSA’s Cloud Control Matrix and CSA’s Consensus Assessments Initiative Questionnaire v3.0.1 in a database format, enabling users to manage compliance of cloud services with the CSA best practices.
Skyport Systems announces new threat analytics
Skyport Systems announced the addition of threat analytics to its hyper-converged system, SkySecure. SkySecure delivers a turnkey hyper-converged solution that combines secure computer, virtualization, and network security controls to run critical applications, like Microsoft Active Directory, with less complexity. SkySecure Threat Analytics can detect administrative account and credential misuse, providing actionable insight that can help mitigate and prevent security breaches.
Dell releases data protection for the entire data lifecycle
Dell released Dell Data Protection | Secure Lifecycle, which protects critical business data at all stages of the lifecycle – at rest, in motion, and in use – whether inside or outside of a network. It also provides the ability to define access rights at a granular level, giving IT leaders the authority to restrict individual file access rights only to those that ‘need to know.’
Comodo unveils full-lifecycle Digital Certificate Management platform
Comodo launched a new release of Comodo Certificate Manager (CCM). CCM allows businesses to self-administer and instantly provision Comodo certificates and auto-discover and manage all certificates, from any CA, throughout the organization. Notably, CCM automatically discovers all internal and external SSL/TLS certificates and organizes them into one central inventory to simplify SSL/PKI tracking and management. It also alerts them when certificates are about to expire.