Infosec products of the month: January 2022
Here’s a look at the most interesting products from the past month, featuring releases from Avast, Axonius, Borderless Security, CyberRes, Deepfence, GrammaTech, Kovrr, LiveAction, MetricStream, NormCyber, Panorays, Pentera, Samsung, SpyCloud, SureCloud, TAC Security, and Zyxel Communications.
SureCloud Internal Audit Management streamlines and accelerates audit engagements
Internal Audit Management is a cloud-based solution designed to help organizations efficiently manage the entire audit process, from planning, risk assessments, and fieldwork to findings, issue management, and reporting.
NormCyber smartbloc. offers visibility over cyber and data protection risks
Smartbloc. is a subscription-based service designed for midsized organizations that want to proactively address cyber security and compliance requirements, but without the in-house expertise or budget to manage these mission-critical activities themselves on a day-to-day basis.
CyberRes Galaxy accelerates executive understanding of cyber risk
CyberRes Galaxy is a platform designed from the ground up to help CISOs, senior executives, and risk professionals eliminate the hyperbole and focus on what matters to their business. It does this by tying individual users and their specific business risks to threats that they need to counter in order to ensure comprehensive cyber resiliency.
Zyxel adds WiFi access point security service to its Nebula Cloud Networking solution
Designed for small or micro-businesses that cannot afford a business firewall, Zyxel has created the Connect and Protect (CNP) AP security service license. A network security service, the Zyxel CNP license incorporates multiple elements that increase WiFi protection for users in commercial venues.
Avast enhances free security and privacy protection for Windows users
Avast announced an update to its Avast Free Antivirus and Avast Premium Security product versions for Windows. Avast’s Firewall provides an additional layer of protection, preventing unauthorised remote access when connected to the home network or unknown networks on the go.
Kovrr Quantum enables organizations to financially quantify their cyber risk exposure
Quantum leverages multiple cyber risk models trusted by world-leading cyber insurers, to financially quantify exposure to cyber-attacks and third-party failures that can lead to significant financial loss. This empowers CISOs, Chief Risk Officers, and CIOs to make well-informed risk management decisions and enables them to justify cybersecurity investment and risk management strategies.
GrammaTech CodeSentry 3.0 improves software supply chain security
CodeSentry version 3.0 now provides enhanced intelligence, visibility and remediation information for vulnerabilities present in open source components as well as license information that it detects by automating binary scanning.
Axonius SaaS Management identifies misconfigurations and data security risks
Axonius SaaS Management lets customers address the operational and financial challenges of SaaS asset management, as well as the security and risk gaps, all via a non-intrusive deployment that delivers actionable insights from day one.
SpyCloud Identity Risk Engine provides fraud risk assessments based on malware-stolen credentials
SpyCloud’s solution provides an assessment of identity risk derived from a wide variety of sophisticated attack patterns of account takeover and synthetic identity fraud. It is also notable in its capacity to incorporate their proprietary data sources of exposed credentials and identities into their risk models.
TAC Security ESOF VMDR offers vulnerability management coverage in a single platform
ESOF is a single platform that provides vulnerability assessment across the entire IT stack and an aggregate score of cyber risk that incorporates data from the widest view of an organization’s vulnerabilities.
Panorays unveils free complimentary offering to help companies defend against supply chain attacks
Panorays’ new complimentary offering includes a Security Passport, which enables users to build and share a security overview with potential customers. In addition, the new offering includes a Panorays Security Profile, which provides full visibility into a company’s cyber posture and specific cyber gaps, identified through Panorays’ external attack surface assessment.
Pentera’s security validation platform reduces corporate cybersecurity risk
Pentera autonomously emulates the entire cyberattack kill chain, from external-facing assets all the way to the core of the enterprise, thus revealing the most risk-bearing security gaps. The platform frequently tests organizations’ entire attack surface to identify exploitable vulnerabilities and delivers an actionable strategy to solidify their security posture.
Borderless Security launches FilesDNA to protect electronic document sharing
Driven by AI and ML integration, FilesDNA provides a user-friendly process for ID verification of every signed user, to eliminate fraudulent activities via blockchain integrity. It also utilises a voice recognition system that captures the unique parameters of a user’s voice to provide an additional layer of security, to protect their identity and e-signature.
Deepfence ThreatMapper 1.2.0 helps DevSecOps professionals identify critical vulnerabilities
ThreatMapper 1.2.0 adds several in-demand features, including Attack Path Visualization, with a more representative calculation of the Most Exploitable Vulnerabilities, support for discovering and scanning AWS Fargate workloads for vulnerabilities, ARM support, and support for integration with Google Chronicle.
Samsung’s fingerprint security IC prevents fraudulent transactions made with stolen cards
The new security IC is an all-in-one security chip solution that reads biometric information through a fingerprint sensor, stores and authenticates encrypted data with a tamper-proof SE, and analyzes and processes data with a Secure Processor.
LiveAction ThreatEye NV provides visibility into encrypted traffic and network anomalies
Utilizing Deep Packet Dynamics (DPD) that eliminates the need for payload inspection, the platform analyzes more than 150 packet traits and behaviors across multi-vendor, multi-domain and multi-cloud network environments. This helps accelerate real-time threat detection, eliminates encryption blindness, validates encryption compliance, and allows teams to better secure the entire network and coordinate responses with other security tools such as SIEM and SOAR.
MetricStream ConnectedGRC reduces risk exposure for organizations
MetricStream announced ConnectedGRC solutions that address today’s most urgent business challenges related to risk, compliance, audit, cyber risks, and environmental, social, governance (ESG).