New infosec products of the week: May 7, 2021
Assessing third-party security controls with Panorays Smart Questionnaires
Unlike manual security questionnaires, Smart Questionnaires include only the questions that are relevant for each supplier based on the business relationship context. Customers can easily track the progress of hundreds of third parties at once, and can also immediately identify if there are any policy gaps that need to be addressed.
Yubico YubiKey 5 FIPS Series extends phishing-resistant MFA to additional use cases
Yubico announced its next-generation FIPS security keys: the YubiKey 5 FIPS Series. The new product line is the industry’s first set of multi-protocol security keys with support for FIDO2 and WebAuthn, along with smart card (PIV/CAC), to receive FIPS 140-2 validation, Overall Level 1 and Level 2.
Semperis DSP 3.5 provides automated security assessments of Microsoft Active Directory
Semperis announced Directory Services Protector (DSP) 3.5, which includes DSP Intelligence, a new module that provides automated security assessments of Microsoft Active Directory. DSP Intelligence proactively uncovers dangerous vulnerabilities that arise from external threat actors, systemic weaknesses in default identity and access settings, and even internal configuration drift that leads to security regression.
DigiCert Smart Seal improves consumer trust in websites
When site visitors roll over the DigiCert Smart Seal, they see the company’s logo, which has been verified by DigiCert. They also view usable information about the site’s security delivered right to the seal, so users do not have to leave the page to verify a site’s legitimate identity.
Mandiant Managed Defense now supports Microsoft Defender for Endpoint
Mandiant Managed Defense, Mandiant’s managed detection and response service, now supports Microsoft Defender for Endpoint. Together, Mandiant and Microsoft customers can quickly and effectively investigate the most impactful events leveraging proven response tactics to direct swift, decisive action in security operations.
IBM Cloud Pak for Security simplifies how organizations deploy a zero trust architecture
The new IBM Security zero trust blueprints offer a framework for building a security program designed by applying the core principles of zero trust: least privilege access; never trust, always verify; and assume breach. These blueprints can offer companies a prescriptive roadmap of security capabilities along with guidance on how to integrate them as part of a zero trust architecture.
QOMPLX Identity Assurance now automatically detects identity-based attacks on cloud service providers
QOMPLX’s new Cloud Identity Forgery detections for Q:CYBER detect lateral movement and post-exploitation attacks, including those used in the SolarWinds (Sunburst) compromises, in which attackers illicitly accessed federated cloud services using forged Security Assertion Markup Language (SAML) assertions.
Trend Micro unveils OT-native endpoint security solution for ICS environments
Trend Micro announced an OT-native endpoint security solution, provided as part of its total security solution for smart factories. Developed by TXOne Networks, TXOne StellarProtect is designed to secure all OT endpoints, regardless of environmental conditions, for any mission-critical ICS environment.
TrilioVault for Kubernetes 2.1 offers visibility and insights into Velero backups
TrilioVault for Kubernetes 2.1 features new Kubernetes management functionality including visibility and insights into Velero-based backups as well as enhanced disaster recovery (DR) capabilities for multi-cloud infrastructure deployments.