New infosec products of the week: December 15, 2023
Here’s a look at the most interesting products from the past week, featuring releases from Censys, Confirm, Drata, Safe Security, and SpecterOps.
Nemesis: Open-source offensive data enrichment and analytic pipeline
Nemesis is a centralized data processing platform that ingests, enriches, and performs analytics on offensive security assessment data (i.e., data collected during penetration tests and red team engagements). Nemesis was created by Lee Chagolla-Christensen, Will Schroeder, and Max Harley from SpecterOps.
Drata announces Third-Party Risk Management offering to help security teams identify risks
Drata’s TPRM offering provides security teams with a comprehensive tool for identifying, assessing, and continuously monitoring risks and integrating them with internal risk profiles. This holistic approach ensures a unified, clear view of potential exposures across the entire organization to effectively and efficiently manage third-party risks.
Censys unveils two new product tiers to help researchers enhance their threat hunting work
Censys announced two new product tiers of its search tool, Censys Search Solo and Censys Search Teams. These additions are part of a series of strategic initiatives to enhance the security community, including the introduction of Threat Hunting Boot Camps, the Censys Beta Workshop, which provides beta access to CensysGPT and Map to Censys, and significant upgrades to its product infrastructure.
Confirm strenghtens trust and security in online marketplaces
Using identity protocols paired with intuitive user experiences, Confirm allows people to create a secure, verified digital ID — a ConfirmID — which they can use to prove their identity online without oversharing personal information.
SAFE Materiality Assessment Module identifies top cyber risk scenarios
The SAFE Materiality Assessment Module provides organizations with an end-to-end materiality journey. Pre-incident, the module helps organizations define ‘Materiality thresholds,’ identify top cyber risk scenarios, quantify the potential materiality of these risk scenarios using FAIR-MAM framework, and assess the effectiveness of post-incident response controls.