New infosec products of the week: September 29, 2017
Fortanix launches runtime encryption using Intel SGX
Fortanix’ Self-Defending Key Management Service (SDKMS) is a cloud service delivering runtime encryption technology to protect applications and data during use. Runtime encryption allows general-purpose computation on encrypted data without exposing sensitive data to untrusted operating systems, root users, cloud providers, or malicious insiders.
Manage real-time change detection for global IT environments
Qualys released its highly scalable and centralized File Integrity Monitoring (FIM) Cloud App, which logs and centrally tracks file change events across global IT systems and a variety of enterprise operating systems to provide customers a way to achieve centralized cloud-based visibility of activity resulting from normal patching and administrative tasks, change control exceptions or violations, or malicious activity — then report on that system activity as part of compliance mandates.
End-to-end visibility for public cloud platforms
Ixia has further extended the CloudLens Visibility Platform to include support for Microsoft Azure, Google Cloud Platform, IBM Bluemix, and Alibaba Cloud, in addition to the existing support for AWS, and for both Windows and Linux. CloudLens was designed from the ground up to retain the benefits of the cloud – elastic scale, flexibility, and agility, while enabling security, analytics, and forensics tools to acquire the needed data, whether the tool is in a private data center or public cloud.
Twistlock releases Twistlock 2.2 with Incident Explorer
The latest release of Twistlock focuses on advanced threat analytics and prevention and includes several machine learning driven layers such as a Cloud Native Network Firewall and Incident Explorer. In addition, the release provides runtime defense down to the host OS and delivers comprehensive compliance monitoring and enforcement for Kubernetes.
Cloud-based logging service to enable innovative security applications
Palo Alto Networks announced its new cloud-based Logging Service, which allows customers to amass large amounts of their own data from the Palo Alto Networks Next-Generation Security Platform. Logging Service provides a centralized and scalable logging infrastructure without operational overhead, allowing customers to collect log data without local compute and storage limitations.
XT Access Manager: Privileged account management and automation
Xton Technologies released the XT Access Manager (XTAM),a PAM platform that combines a secure identity vault, session management with recording and automated password resets. Customers also can take advantage of features including delegated script execution, discovery of privileged accounts and extensive reporting for network computers and IoT devices.
SecurityFirst delivers scalable and transparent data-centric protection
DataKeep is a data-centric security software solution comprised of a management console and encryption agents. DataKeep enables accelerated encryption at scale, protecting data from the source of creation in the OS all the way through, and including, data storage, regardless of whether data resides on-premise, in the cloud or a virtual environment.
Natural language intelligence software enables anyone to ask security questions
Insight Engines Cyber Security Investigator (CSI) for Splunk lets users ask questions of datasets using natural language. Its Splunk application lets anyone in an organization detect, investigate, and visualize cyberthreats – even if they don’t have expertise in Splunk Search Processing Language (SPL).
Threatcare builds AI-based virtual cybersecurity professional
Similar to a Siri or Alexa for cybersecurity, Violet has machine learning and Neuro-Linguistic Programming (NLP) capabilities and can answer questions and take commands from security analysts who are looking to find and fix urgent threats in their networks. Violet is the world’s first virtual cybersecurity professional that aims to replace multiple team members, offering continuous reconnaissance to give an attacker’s view of an organization.