From Security Weekly Wiki
Revision as of 16:58, 22 January 2020 by Paul Asadoorian (talk | contribs)
Jump to navigationJump to search
  1. New infosec products of the week: January 17, 2020 - Help Net Security
  2. Security Compass secures funding to enhance solutions portfolio and accelerate growth - Help Net Security - Not entirely certain how they help organizations, looks like they have products as well as services. Requires more digging to identify the value, seems to be a source analyzer...
  3. CyberArk's new just-in-time access capabilities help reduce risk and improve operational efficiency - Help Net Security - Great features here, all it takes is one production outage or security event and the business can make it really difficult to get code tested and deployed. These features will help organizations be more agile.
  4. Waterfall Security Solutions secures significant new funding round - Help Net Security
  5. Micropatch simulates workaround for recent zero-day IE flaw, removes negative side effects - Help Net Security - If I still had to support Windows 7, I'd consider this: Since the February Patch Tuesday is quite a while away and since Windows 7 and Windows Server 2008 R2 users without Extended Security Updates might not get the patch at all, ACROS Security decided to provide a micropatch that simulates the offered workaround (restricts access to the vulnerable JScript.dll) without its negative side effects (reduced functionality for components or features that rely on that particular .dll).
  6. STEALTHbits StealthRECOVER 1.5: Easier and faster AD rollback and recovery - Help Net Security
  7. New Kaspersky Sandbox automates protection from advanced threats - According to a Kaspersky survey of IT decision-makers, 47% of SMBs and 51% of enterprises say that it is becoming more difficult to differentiate between generic and advanced attacks. This means security analysts have to spend time evaluating numerous suspicious files instead of focusing on investigating, and responding to, the most critical threats. This could be even more challenging, as larger SMBs and small enterprises face an IT security talent shortage, so all the responsibilities of managing security fall on the shoulders of IT departments. While true, but not all sandboxes are the same...I'd look at some of the smaller startups, like Intezer or VMRay, but would also consider some of the free ones as well.
  8. ServiceNow to Acquire Loom Systems - With Loom Systems, ServiceNow will increase customers’ ability to apply AI to their knowledge base of issues and fixes for better insights into root causes and allow them to automate remediation tasks, reducing the number of Level 1 IT incidents. - I believe this is a valid use of AI/machine learning, plenty of data to "learn" from, or at least model and automate decisions and remediation processes. This is important for enterprise SOCs.
  9. Sysdig Closes $70M in Series E Funding to Enable Enterprises to Confidently Secure Cloud-Native Workloads in Production
  10. FireEye adds Cloudvisory to its stable | SC Media
  11. Flashpoint Introduces Compromised Credentials Monitoring, Helping Organizations Lessen Exposure from Breaches, Leaks - Are there reasons not to do this? Enterprise enables organizations to search and monitor Flashpoint’s unique collections for compromised enterprise accounts and passwords in order to flag accounts, reset employee passwords, and restrict permissions to prevent actors from accessing confidential or personally identifiable information (PII). Again, free vs. commercial argument could be made, but if you are in an enterprise setting, likely money well spent?