Infosec products of the month: August 2022

Here’s a look at the most interesting products from the past month, featuring releases from: AuditBoard, Claroty, Concentric AI, Cymulate, Deepfence, Drata, Fortinet, Halo Security, NetRise, Ntrinsec, PlainID, Privitar, Qualys, Raytheon Technologies, ReasonLabs, Scrut Automation, SimSpace, Sony, Tenacity, Traceable AI, Transmit Security, and VIPRE Security.

Qualys CyberSecurity Asset Management 2.0 with EASM identifies unknown internet-facing assets

Qualys announced it is adding External Attack Surface Management (EASM) capabilities to the Qualys Cloud Platform. Qualys CyberSecurity Asset Management 2.0 with EASM enables organizations to continuously monitor and reduce the entire enterprise attack surface including internal and internet-facing assets and discover previously unidentified exposures.

Sony in-camera forgery proof technology available for Alpha 7 IV camera

With Sony’s in-camera signing mode activated, images are immediately cryptographically signed by the camera processor upon capture. Following this, any pixel modification, tampering or potential forgery will cancel the image signature, as the image manipulation will be detected by the customer’s own certificate server during examination.

Fortinet announces FortiGate 4800F to improve security for hyperscale data centers and 5G networks

The FortiGate 4800F series NGFW delivers high speed networking, increased scalability, and optimized performance features. Enterprises and service providers using the FortiGate NGFW can manage all of their security risks with the IPS, SSL inspection, and threat protection. The FortiGate 4800F series can be deployed at the enterprise edge, the hybrid and hyperscale data center core, and across internal segments.

Scrut Automation Risk Management allows customers to prioritize and manage risks

Scrut Risk Management is an assessment tool that combines all required elements of risk management, including mapping standard specific controls to risks, tracking compliance progress against each mitigated risk, and computing inherent and residual risk – under one umbrella.

Claroty xDome drives cyber and operational resilience for industrial enterprises

Claroty xDome automatically profiles all XIoT assets and their communication patterns in order to generate a baseline for normal network behavior, characterize legitimate traffic to weed out false positive anomalies, and alert users in real-time to both known, unknown, and emerging threats.

VIPRE Endpoint Detection and Response protects SMBs against malware and other malicious attacks

VIPRE Endpoint Detection and Response (EDR), was designed to help small and medium-sized businesses (SMBs) and IT partners navigate the complexities of EDR management from a single, easy-to-use console. It constantly scans files, processes, and network activity for known and unknown threats and instantly alerts you to suspicious behaviors.

Cymulate improves risk visibility for businesses with new analytics capabilities

Cymulate XSPM streamlines the influx of information by focusing on attack-based data to evaluate exposed assets, validate security control efficacy, and assess end-to-end kill chain resilience. The pre-loaded and customizable dynamic dashboards and reports provide an instantaneous understanding of any aspect of users security posture.

Concentric releases AI-based solution to protect data shared across business messaging platforms

Concentric AI has launched functionality that protects sensitive data shared as text or attachments across business messaging platforms, including e-mail, Slack and Microsoft Teams. These capabilities, available as part of the Concentric Semantic Intelligence platform, evaluate and manage data security posture to give security professionals remediation tools they need to find access issues and prevent data loss.

NetRise Platform provides continuous monitoring of XIoT firmware vulnerabilities

NetRise is a cloud-based SaaS platform that analyzes and continuously monitors the firmware of XIoT devices. The firmware images are then dissected, presenting all of the key data, artifacts, and risk in an easy-to-consume interface.

SimSpace SkillWise provides team-based development exercises and training

SimSpace unveiled SkillWise, which provides a realistic environment to conduct individual and team cyber training exercises powered by the SimSpace Cyber Range. Through the offering, security teams and practitioners can take advantage of cybersecurity training content, detailed threat intelligence, guidance on emerging threats, create tailored learning tracks, and leverage the same assets in optional live-fire events.

Halo Security launches attack surface management platform to protect data from external attackers

Halo Security platform combines external asset risk and vulnerability assessment, and penetration testing services to provide organizations complete visibility into the risk posture of their internet-exposed assets on an on-going basis.

Traceable AI announces enhanced data security capabilities to address more specific types of API attacks

Traceable AI announced enhanced capabilities to address more specific types of API attacks, including API abuse and misuse, fraud and malicious API bots, all of which contribute to serious data security and compliance challenges within organizations today. These additional capabilities enable organizations to detect, stop and eliminate these types of sophisticated attacks, to protect their data, financial resources, and reputation.

Deepfence ThreatMapper 1.4 empowers organizations to visualize cloud native threat landscape

Deepfence announced the 1.4 release of its open source project ThreatMapper, cloud native offering that expands attack path visualization, adds cloud security posture management, and now includes the cloud native, YARA-based malware scanner. ThreatMapper 1.4 enables organizations to find and rank potential threats, such as the Log4j2 vulnerability, so security teams can make informed decisions and shore up critical gaps that may have otherwise gone unnoticed.

AuditBoard Third-Party Risk Management solution empowers teams to manage their overall IT risk

AuditBoard’s Third-Party Risk Management solution enables teams to save time, be better partners to the business, and scale through automated and collaborative workflows that enable more effective management of third-party risk. This purpose-built solution supports customizable assessments, automated risk scoring, issue management, ongoing monitoring, and centralized reporting and tracking.

Tenacity platform enhancements provide visibility into entire AWS and Azure cloud infrastructure

Tenacity launched agentless, automated and self-directed activation capability with immediate deployment within its platform. All vulnerable assets and misconfigurations are automatically identified, grouped and ranked by severity so users know which risks need to be addressed first.

Transmit Security expands CIAM capabilities to improve fraud detection and identity verification for users

Transmit Security has released new capabilities of its customer identity and access management (CIAM) platform, enabling orchestrated user management, authorization, authentication, continuous risk detection, and ID verification.

Raytheon launches secure watch and global data service for government users

Raytheon Blackbird Technologies has released NexGenTrac, or NGT, Watch and NexGen Global SIM, a wearable device and global data service that provides situational awareness and secure communications.

Drata Risk Management provides organizations with a central view of all potential risks

Drata launched Risk Management, enabling customers to manage end-to-end risk programs by continuously monitoring, identifying, assessing, and treating risks. Drata’s Risk Management tool comes with a library of threat-based risks based on established sources, such as NIST SP 800-30, ISO 27005 and HIPAA guidelines.

Ntrinsec’s key security automation platform removes security risks around encryption key reuse

Integrating with third-party key management systems (KMS), hard security modules (HSMs), certificate authorities, and cloud providers, Ntrinsec offers full automation around all key lifecycle processes. Users can map all keys and host machines within the platform to ensure proper key hygiene and identify exploitable key reuse.

PlainID Authorization Platform solves enterprise challenges associated with access control

PlainID has released its “Authorization-as-a-Service,” SaaS-enabled Authorization Platform. This release also introduces PlainID’s Visual Policy Map which enables administrators to visualize the impacts of policies, resulting in a better understanding of the relationships between who can access what and when.

Privitar Modern Data Provisioning Platform provides self-service access to data in real time

The Privitar Modern Data Provisioning Platform uses a policy-based approach that enables organizations to comply with privacy regulations and protect customer trust with security and privacy capabilities built into data operations.

ReasonLabs Online Browser Security protects consumers from complex and rapidly-evolving cyber threats

ReasonLabs has launched its newest product, Online Browser Security, providing real-time, 24/7 protection against malicious URLs, phishing, harmful extensions, suspicious downloads, intrusive cookies and trackers, unauthorized notifications, and pop-ups.