Tel Aviv, Israel, Jan. 15, 2025, CyberNewswire — Sweet Security, a leader in cloud runtime detection and response, today announced the launch of its groundbreaking patent-pending Large Language Model (LLM)-powered cloud detection engine.

This innovation enhances Sweet’s unified detection and response solution, enabling it to reduce cloud detection noise to an unprecedented 0.04%. Sweet uses advanced AI to help security teams navigate complex and dynamic environments with improved precision and confidence.

Detecting unknown unknowns

The introduction of Sweet’s patent-pending LLM technology transforms its ability to identify previously undetectable threats. By evaluating cloud variables and anomalies in real-time – and adapting the findings to the nuances of the particular cloud environment – Sweet’s cloud detection engine is capable of uncovering zero-day attacks and “unknown unknowns” — threats that have not been introduced or published to the world. This eliminates the need to predefine what constitutes abnormal or malicious behavior and streamlines the differentiation between unusual activity and actual attacks.

Fast validation/vindication

Sweet’s patent-pending LLM-powered cloud detection engine excels at distinguishing between “weird” but benign anomalous activity and genuine threats. Each incident is labeled as either “malicious,” “suspicious,” or “bad practice,” indicating whether the anomaly is indicative of an attack and requires further attention from SecOps or is an unusual but legitimate activity that needs to be reviewed by DevOps. Security teams can eliminate false positives, streamline workflows, and focus their attention where it matters most. The result is unparalleled operational efficiency and reduced alert fatigue.

Actionability at Scale

To ensure maximum usability, the new capability delivers actionable insights through:

• Immediate mapping of “danger zones” in the environment through an intuitive heat map

• Clear incident labeling, providing context and clarity for security analysts

• Identification of relevant problem owners within the organization, streamlining incident response

This approach improves response times while promoting collaboration and accountability across teams.

Scaling ADR

In dynamic cloud environments, Sweet’s patent-pending LLM-powered cloud detection engine enables scalable Application Detection and Response (ADR).

It does so by cross-correlating potential attack patterns with extensive application data to identify the ‘smoking gun’—those elusive signals in the data that are indicative of an attack. This capability brings clarity and precision to applications where the sheer volume of data would overwhelm rule-based approaches.

Increased security certainty

With the introduction of this capability, Sweet continues to deliver on its mission to provide clarity and control for cloud environments. By reducing noise, enhancing detection accuracy, and empowering actionable insights, Sweet increases certainty within security teams, enabling them to operate with confidence in even the most complex cloud landscapes.

“This new capability is a game-changer for cloud security,” said Dror Kashti, CEO of Sweet Security. “By harnessing the power of LLMs, we’re not only reducing detection noise to near-zero levels but also providing security teams with the tools they need to act swiftly and decisively. This is a major leap forward in our commitment to delivering unparalleled detection and response for the cloud.”

Sweet Security is dedicated to protecting customer privacy and adheres to strict privacy standards by processing data securely and responsibly.

About Sweet Security:  Sweet Security is the leading provider of Cloud Native Detection and Response solutions. Powered by comprehensive runtime insights and behavioral analytics, Sweet’s unified platform correlates data across application, workload, and cloud infrastructure to deliver best-of-breed real-time detections, as well as vulnerability management, identity threat management, and runtime CSPM. By analyzing baseline behaviors across different entities and utilizing its LLM-powered detection engine, Sweet reduces cloud detection noise to 0.04%, helping organizations hit a benchmark of 2-5 min MTTR for all incidents. Privately funded, Sweet is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures, and an elite group of angel investors. For more information, users can visit http://sweet.security.

Media contact: Noa Glumcher, VP of Marketing, Sweet Security, noa@sweet.security

The post News alert: Sweet Security’s LLM-powered detection engine reduces cloud noise to 0.04% first appeared on The Last Watchdog.

Prague, Czech Republic, Jan. 15, 2025, CyberNewswire — Quantum computing is set to revolutionize technology, but it also presents a significant security risk for financial institutions.

Czech cybersecurity startup Wultra has raised €3 million from Tensor Ventures, Elevator Ventures, and J&T Ventures to accelerate the development of its post-quantum authentication technology, safeguarding banks and fintech against the coming wave of quantum threats.

The investment comes as global concern grows over the vulnerability of traditional security methods. Quantum computers will soon have the power to crack cryptography that protects billions of financial transactions daily. Wultra, whose clients already include Raiffeisen Bank International, Erste Digital, OTP Bank, and Global Payments, is at the forefront of creating secure authentication solutions that can withstand quantum-level attacks.

“We anticipate a ‘Q-day’ within the next five years – a point where current authentication systems will become ineffective against quantum computers,” says Petr Dvorak, CEO and founder of Wultra. “Financial institutions must act now to protect their infrastructure. This investment allows us to develop next-generation solutions and deepen our presence in key banking markets that recognize the urgency of post-quantum threats.”

Dvorak is no stranger to innovation. He played a key role in building Inmite, a mobile app development firm acquired by Avast in 2014. Drawing on that experience, he founded Wultra to focus on financial security. Today, the company offers mobile-first software authentication and hardware authenticators trusted by major European banks.

Made in EU

While most of Wultra’s sales are from its smartphone software authentication solution, its hardware authenticator, Talisman, has already seen significant demand, with thousands of units delivered and tens of thousands of pre-orders. To ensure the highest level of security and compliance, all Talisman devices are manufactured and assembled within the European Union, with final production taking place in the Czech Republic.

“Our hardware authenticator addresses the needs of corporate and premium banking clients, aligning with new PSD3 regulations that mandate alternative authentication methods beyond smartphones,” adds Petr Dvorak.

Global expansion, innovation

Numerous banks and fintech companies in several countries trust Wultra’s solutions, and adoption is especially high in Central Europe.

The €3 million investment will develop post-quantum authentication solutions and enable Wultra’s expansion into Western Europe and Southeast Asia, which are experiencing increasing adoption of digital banking. The company plans to open a Singapore office in 2025 to serve the growing demand in these regions.

“Southeast Asia is becoming a key market for us. The region’s financial sector is evolving rapidly, and post-quantum authentication is becoming a priority,” explains Dvorak. “By next year, we aim to establish a physical presence to support our expanding client base.”

Next investment in two years

The Seed+ round was led by Czech-Luxembourg deep tech fund Tensor Ventures of Roman Smola, Martin Drdul, and Petr Ulvr. “Wultra has cutting-edge technology that solves the nightmare of every banker in the world,” says Martin Drdul, co-founder of Tensor Ventures.

“At the same time, there is no alternative to their solution that can be deployed so quickly. We also like that this is another Czech startup that shows that we can successfully export very advanced technologies from the Czech Republic to the whole world,” adds Ondrej Lipold, who was in charge of the investment at Tensor Ventures.

Elevator Ventures, the venture capital arm of Raiffeisen Bank International, co-led the round. Suleiman Arabiat, Principal at Elevator Ventures, comments: “Authentication is a challenging and ever-growing field, and we believe Wultra’s solid technology stack and development capabilities address the most critical challenges in securing financial institutions against future threats. We are excited to support their expansion into new markets and their trailblazing journey out of CEE to the world.”

Returning investor J&T Ventures, which first backed Wultra in 2022, also joined the round. “We’ve supported Wultra from the early stages and have been consistently impressed by their technology and market growth,” says Adam Kocík, Partner at J&T Ventures. “As quantum threats become more pressing for the financial sector, Wultra’s solutions are positioned to become essential infrastructure for banks and fintechs. This round reinforces our belief in their growth potential and ability to lead the industry into the post-quantum era.”

Another investment round will likely occur within two years.

About Wultra: Wultra provides easy-to-deploy post-quantum authentication solutions for financial institutions, ensuring secure and seamless access to digital services. Its developer-friendly technology, powered by NIST-endorsed quantum-resistant cryptography, delivers bulletproof security, a passwordless user experience, and compliance with global regulations—all deployable in just eight weeks. Trusted by financial institutions worldwide, Wultra’s solutions meet stringent standards like PSD3/PSR1 and eIDAS 2.0 while offering cutting-edge protection against evolving cyber threats. For more information, visit www.wultra.com.

About Tensor Ventures: Tensor Ventures is a global deep tech fund headquartered in Prague and Luxembourg, founded by Roman Smola, Martin Drdul, and Petr Ulvr. The first fund supported revolutionary early-stage deep tech startups, building a portfolio of over 20 companies across Europe, the UK, Israel, the USA, and beyond. Notable successes include Tatum, Veracity Protocol, and QC82 quantum chips. The second fund, Tensor Ventures, is targeting a size of EUR 50 million and will again allow investors to tap into unique quantum technologies, biotechnology, security technologies, software 2.0, and energy and climate technologies. In addition to these areas, however, there will also be an opportunity to invest in space technologies. For more information, visit www.tensor.ventures.

About Elevator Ventures: Elevator Ventures is the venture capital fund backed by Raiffeisen Bank International, Raiffeisen-Holding Niederösterreich-Wien, and Raiffeisen-Landesbank Steiermark and manages funds of more than €100 million to elevate the growth of technology companies in Fintech and Beyond Banking. The team has a wide sourcing and business development network in DACH and CEE and uses the deep expertise and intel of its investors as an advantage. To date, Elevator Ventures has invested close to €50 million into 16 companies, resulting in four successful exits, and into two funds. For more information, visit www.elevator-ventures.com

About J&T Ventures: Venture Capital Fund J&T Ventures invests in promising, innovative start-ups to contribute to their dynamic development and value growth. The J&T Ventures funds manage 50 million euros and provide not only financial resources, but also help to set up business strategy, business processes, support expansion to foreign markets, fundraising and managerial experience along with contacts. The fund seeks promising business projects with exceptional founders, focusing primarily on the CEE and SEE region and investing between EUR 0.5 million and EUR 2.5 million. More information at www.jtventures.cz and LinkedIn.

Media contact: Petr Dvorak, Founder & CEO, Wultra, petr.dvorak@wultra.com

The post News alert: Wultra secures €3M funding to help financial firms mitigate coming quantum threats first appeared on The Last Watchdog.

Philadelphia, Pa., Jan. 7, 2025, CyberNewswire — Security Risk Advisors today announced it has become a member of the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISVs) and managed security service providers (MSSPs) that have integrated their solutions with Microsoft Security technology to better defend mutual customers against a world of increasing cyber threats.

Security Risk Advisors (SRA) is a leading cybersecurity firm dedicated to providing comprehensive security solutions to businesses worldwide. With a commitment to maintaining the highest ethical standards, SRA offers a range of services including security testing, security program development, 24×7 monitoring and response.

Joining MISA represents a significant milestone and demonstrates the company’s ability to deliver impactful security solutions while increasing adoption of its SCALR XDR offering and helping clients maximize their investment in Microsoft Security technologies.

Security Risk Advisors’ SCALR™ XDR is both a platform built on Microsoft Azure and a 24×7 monitoring service with Microsoft Sentinel. SCALR™ uses a security data lake architecture to minimize SIEM costs, maximize the user’s ability to store security events, and accelerate search and hunting capabilities. The SCALR™ XDR service is enhanced by SRA’s distinctive Purple Teams & Threat Resilience Benchmarks powered by VECTR™.

“We are honored that Microsoft has recognized SRA’s expertise and proven track record by welcoming us into the Microsoft Intelligent Security Association (MISA). This achievement further energizes our commitment to empowering clients to adopt and optimize Microsoft Security technologies, enhancing their threat management programs and overall security posture.”

– Tim Wainwright, CEO, Security Risk Advisors

“I am pleased to have Security Risk Advisors join us as a member of the Microsoft Intelligent Security Association (MISA). By including our strategic Managed Security Services Providers (MSSPs) in MISA, we help enable further collaboration between cybersecurity industry leaders in protecting and supporting our joint customers.”

– Parri Munsell, Senior Director, Security Partner Marketing

Established in 2018 to bring together Microsoft leaders, ISVs, and MSSPs, MISA focuses on collaborating to combat security threats and create a safer environment for all. Its mission is to provide intelligent, industry-leading security solutions that work together to help protect organizations at the speed and scale of AI in an ever-increasing threat landscape.

Partners who are interested in learning more can visit the MISA Website: Microsoft Intelligent Security Association.

About Security Risk Advisors: Security Risk Advisors offers Purple and Red Teams, Cloud Security, Penetration Testing, OT Security and 24x7x365 Cybersecurity Operations. Based in Philadelphia, SRA operates across the USA, Ireland and Australia. To learn more: https://sra.io.

Media contact: Kim Sandberg, Marketing Lead, Security Risk Advisors, info@sra.io

The post News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA) first appeared on The Last Watchdog.

Ramat Gan, Israel, January 7th, 2025, CyberNewswire — CyTwist, a leader in advanced next-generation threat detection solutions, has launched its patented detection engine to combat the insidious rise of AI-generated malware.

The cybersecurity landscape is evolving as attackers harness the power of artificial intelligence (AI) to develop advanced and evasive threats. The rise of AI-generated malware and AI-enhanced cyberattacks has escalated the threat landscape, leaving traditional defenses struggling to keep up. Businesses now face the critical challenge of adapting to this new era of cyber warfare, characterized by speed, sophistication, and adaptability.

Rise of AI-driven threats

AI has altered the dynamics of cyber conflict, enabling attackers to execute sophisticated operations previously associated with state-sponsored entities. AI-generated phishing emails, adaptive botnets, and automated reconnaissance tools are now common components of cybercriminal tactics. These technologies bypass signature-based defenses and mimic legitimate behavior, making detection more challenging.

For example, in a recent attack on French corporates and government agencies, AI-engineered malware exploited advanced techniques like COM hijacking and encrypted payloads, enabling attackers to remain undetected for extended periods, exfiltrate sensitive data, and establish long-term persistence within the network. This incident highlights three key risks of AI-driven attacks:

• Sophistication: AI allows attacks to evolve in real-time, rendering static defenses obsolete.

• Speed: Automated reconnaissance and attack execution drastically reduce the time needed to breach networks and execute the attack.

• Evasion: AI-generated threats mimic human behavior, complicating detection for security teams.

In response to this growing challenge, CyTwist has developed a patented detection engine that identifies stealthy, AI-driven attack campaigns and malware that bypass traditional security tools, including leading EDR and XDR solutions. By leveraging advanced behavioral analysis, CyTwist Profiler identifies new and emerging threats in real time, stopping attackers before they can cause harm.

Advanced detection

CyTwist recently demonstrated its advanced detection capabilities during a red team simulation with a major telecommunications provider. The exercise mirrored the sophisticated techniques observed in the recent attack on French organizations and government agencies, employing AI-generated malware with encryption and evasion tactics. While the existing security tools failed to detect the attack, CyTwist’s solution identified malicious activity within minutes.

The head of incident response at the telecom operator highlighted the tool’s value, stating: “We were impressed by CyTwist’s capability of detecting sophisticated, AI-generated malware that our EDR had failed to pick up. CyTwist provided the critical insights we needed to detect the attack in time, adding a valuable security layer against AI-generated threats.”

This simulation underscored the importance of adopting advanced technologies to address modern cyber challenges.

“The use of AI in cyberattacks is reshaping the threat landscape, enabling attackers to operate elusively and at speed, capable of gliding past traditional security solutions. Our patented detection engine is specifically engineered to address these challenges,” said Eran Orzel, CEO of CyTwist.

Mitigation strategies

As organizations face increasing threats from AI-driven attacks, proactive strategies are essential. Key recommendations include:

• Adopting Advanced Detection Technologies: Traditional detection tools are not always a sufficient defense against the dynamic nature of modern cyber threats. Modern detection tools that leverage AI, machine learning, behavioral analytics, and anomaly detection are needed to uncover threats missed by traditional approaches.

• Prioritizing Rapid Detection and Response: Speed is critical when responding to AI-driven threats. Continuous monitoring and automated response systems enable swift containment of threats, and real-time triage tools help security teams focus on critical alerts and ignore the noise.

• Enhancing Resilience Through Security Frameworks: Building adaptive security frameworks that integrate advanced detection tools will enable a response to emerging threats in real time. Regular training for security teams is needed to build the skills to counter the latest AI-driven attack methods.

CyTwist’s patented detection engine represents a significant advancement in addressing AI-enhanced cyber threats, providing organizations with the tools needed to navigate this increasingly complex landscape.

To learn more about CyTwist’s cutting-edge solutions, users can visit cytwist.com or reach out via contact@cytwist.com.

About CyTwist: CyTwist is an advanced cybersecurity solution, specializing in next-generation threat detection and response. Its patented detection engine enables organizations to stay ahead of evolving threats, providing unmatched protection against stealthy, AI-generated attacks and novel malware. CyTwist was founded by a team of experienced cybersecurity professionals and former intelligence officers who bring extensive expertise in counterintelligence and cybersecurity. In an era where attackers leverage AI to outpace traditional defenses, CyTwist Profiler provides a critical layer of security, enabling organizations to detect, investigate, and neutralize threats before they cause harm.

Media contact: Eran Orzel, CEO, CyTwist, eran@cytwist.com

The post News alert: CyTwist launches threat detection engine tuned to identify AI-driven malware in minutes first appeared on The Last Watchdog.

Palo Alto, Calif., Dec. 30, 2024, CyberNewswire — SquareX, an industry-first Browser Detection and Response (BDR) solution, leads the way in browser security. About a week ago, SquareX reported large-scale attacks targeting Chrome Extension developers aimed at taking over the Chrome Extension from the Chrome Store.

On December 25th, 2024, a malicious version of Cyberhaven’s browser extension was published on the Chrome Store that allowed the attacker to hijack authenticated sessions and exfiltrate confidential information. The malicious extension was available for download for more than 30 hours before being removed by Cyberhaven. The data loss prevention company declined to comment on the extent of the impact when approached by the press, but the extension had over 400,000 users on the Chrome Store at the time of the attack.

Unfortunately, the attack took place just a week after SquareX’s researchers had identified a similar attack, with a video demonstrating the entire attack pathway. The attack begins with a phishing email that impersonates the Chrome Store and alleges a violation of the platform’s “Developer Agreement”, urging the receiver to accept the policies to prevent their extension from being removed from the Chrome Store. Upon clicking the policy button, the user is prompted to connect their Google account to a “Privacy Policy Extension”, which grants the attacker access to edit, update and publish extensions on the developer’s account.

Fig 1. Phishing email targeting extension developers

Fig 2. Fake Privacy Policy Extension requesting access to “edit, update or publish” the developer’s extension

Extensions have become an increasingly popular way for attackers to gain initial access. This is because most organizations have limited purview on what browser extensions their employees are using. Even the most rigorous security teams typically do not monitor subsequent updates once an extension is whitelisted.

SquareX has conducted extensive research and demonstrated at DEFCON 32 how MV3-compliant extensions can be used to steal video stream feeds, add a silent GitHub collaborator, and steal session cookies, among others. Attackers can create a seemingly harmless extension and later convert it into a malicious one post-installation or, as demonstrated in the attack above, deceive the developers behind a trusted extension to gain access to one that already has hundreds of thousands of users. In Cyberhaven’s case, attackers were able to steal company credentials across multiple websites and web apps through the malicious version of the extension.

Given that developer emails are publicly listed on the Chrome Store, it is easy for attackers to target thousands of extension developers at once. These emails are typically used for bug reporting. Thus, even support emails listed for extensions from larger companies are usually routed to developers who may not have the level of security awareness required to be suspicious of such an attack. Given that SquareX’s attack disclosure and the Cyberhaven breach occurred within a span of less than two weeks, the company has strong reason to believe that many other browser extension providers are being attacked in the same way. SquareX urges companies and individuals alike to conduct a careful inspection before installing or updating any browser extensions.

Fig 3. Contact details of extension developers are publicly available on Chrome Store

The SquareX team understands that it can be non-trivial to evaluate and monitor every single browser extension in the workforce amidst all the competing security priorities, especially when it comes to zero-day attacks. As demonstrated in the video, the fake privacy policy app involved in Cyberhaven’s breach was not detected by any popular threat feed.

SquareX’s Browser Detection and Response (BDR) solution takes this complexity off security teams by:

• Blocking OAuth interactions to unauthorized websites to prevent employees from accidentally giving attackers unauthorized access to your Chrome Store account

• Blocking and/or flagging any suspicious extension updates containing new, risky permissions

• Blocking and/or flagging any suspicious extensions with a surge of negative reviews

• Blocking and/or flagging installations of sideloaded extensions

• Streamlining all requests for extension installations outside the authorized list for quick approval based on company policy

• Providing full visibility on all extensions installed and used by employees across the organization

SquareX’s founder Vivek Ramachandran warns: “Identity attacks targeting browser extensions similar to this OAuth attack will only become more prevalent as employees rely on more browser-based tools to be productive at work. Similar variants of these attacks have been used in the past to steal cloud data from apps like Google Drive and One Drive and we will only see attackers get more creative in exploiting browser extensions. Companies need to remain vigilant and minimize their supply chain risk without hampering employee productivity by equipping them with the right browser native tools.”

About SquareX: SquareX helps organizations detect, mitigate, and threat-hunt client-side web attacks happening against their users in real-time.

SquareX’s industry-first Browser Detection and Response (BDR) solution takes an attack-focused approach to browser security, ensuring enterprise users are protected against advanced threats like malicious QR Codes, Browser-in-the-Browser phishing, macro-based malware, and other web attacks encompassing malicious files, websites, scripts, and compromised networks.

With SquareX, enterprises can provide contractors and remote workers with secure access to internal applications and enterprise SaaS, and convert the browsers on BYOD / unmanaged devices into trusted browsing sessions.

Media contact: Junice Liew, Head of PR, SquareX, junice@sqrx.com

The post News alert: SquareX exposes OAuth attack on Chrome extensions — days before a major breach first appeared on The Last Watchdog.

Vienna, Austria, Dec. 11, 2024, CyberNewswire — DMD Diamond, one of the oldest blockchain projects in the space, has announced the start of Open Beta for the DMD Diamond v4 blockchain.

Established in 2013, DMD Diamond is recognized as a decentralized, community-driven initiative. The v4 blockchain introduces a host of advanced features, designed to enhance efficiency and usability.

Beginning December 9, the Open Beta phase invites developers and blockchain enthusiasts to test the platform’s innovative functionality.

A key highlight of the DMD v4 blockchain is its Honey Badger Byzantine Fault Tolerance (HBBFT) consensus mechanism. Known for its instant transaction finality, high security, and reduced energy requirements, this mechanism underpins a robust and eco-friendly blockchain infrastructure.

The platform’s compatibility with the Ethereum Virtual Machine (EVM) further enables developers to leverage existing tools for creating decentralized applications (dApps) on a streamlined, high-performance blockchain.

With the opening of DMD Diamond beta testing, the project invites all interested users, developers, and crypto enthusiasts to join this historic moment. Helmut Siedl, the DMD Diamond blockchain visionary, says: “In 2018, when the community approved the work on a technology relaunch, we did not expect it to take over six years. With the launch of open beta, we are in the final chapter of this journey and proud of what we show the public, which is now more than expected and full of industry-first innovations.”

In addition, anyone who participates in beta testing can become part of a community and contribute to the project’s future through DAO, which will become active with the launch of the mainnet.

In subsequent testing weeks, DMD Diamond looks forward to welcoming new members to experience how the network creates stable blocks (heartbeat all in 10 minutes) and reacts to incoming transactions in a super fast 1-2 seconds. That’s the dynamic block times feature by DMDv4. They can also experience epoch switches and the random selection of new active validator nodes based on staked coins, trust scores, etc., as designed on our network.

To start the process, developers must install DMDv4 on a Linux server using Open Ethereum versions with DMDv4 extensions and HBBFT/POSDAO configurations. The minimum requirements are a 4-core CPU, 8 GB RAM, and a 100-200 GB SSD.

Full details about how to set up the validator nodes, how to set up their MetaMask address for DMD Diamond Network, how to claim testnet coins for Open Beta, and importantly, how to navigate Diamond-UI for creating a pool (as a validator candidate) can be found in the Guide on GitHub and on the DMD Diamond Discord server.

About DMD Diamond: Founded in 2013, DMD Diamond is a decentralized blockchain project that prioritizes community-driven governance and technological innovation. Over its decade-long history, the platform has maintained a focus on developing sustainable, efficient blockchain solutions. The upcoming DMD v4 blockchain reflects the project’s commitment to pioneering advancements, including the integration of energy-efficient consensus mechanisms and support for decentralized application development. By fostering a collaborative ecosystem, DMD Diamond continues to empower users and developers worldwide.

Media contact: Leila Salieva, leila@bit.diamonds

The post News alert: DMD Diamond invites developers to participate in open beta for its v4 blockchain first appeared on The Last Watchdog.

Aliso Viejo, Calif., Dec. 5, 2024, CyberNewswire — One Identity proudly announces it has been named a winner in the Hot Company: Privileged Access Management (PAM) category in the 12th annual Cyber Defense Awards by Cyber Defense Magazine (CDM), the industry’s leading information security magazine.

“We are deeply honored to be recognized amongst the winners of the 12th annual Cyber Defense Awards at CyberDefenseCon 2024,” said Mark Logan, CEO of One Identity. “Being recognized for our advancements in Privileged Access Management (PAM) is a powerful affirmation of the commitment One Identity has to safeguarding critical data and systems while empowering our customers to take charge of enhancing their security. With the intense competition from the industry’s best, this award underscores our dedication to setting new standards in cybersecurity.”

“One Identity embodies three major features we judges look for with the potential to become winners: understanding tomorrow’s threats today, providing a cost-effective solution and innovating in unexpected ways that can help mitigate cyber risk and get one step ahead of the next breach,” said Gary S. Miliefsky, Publisher of Cyber Defense Magazine.

This award highlights the role One Identity has in advancing privileged access management through solutions including Safeguard, Safeguard On Demand, and PAM Essentials.

These solutions empower organizations to manage, authenticate, and analyze privileged access, streamlining the granting of credentials with role-based access controls and automated workflows. With these scalable and reliable PAM solutions, organizations of all sizes can address their complex and ever-evolving cybersecurity challenges.

The full list of the Top InfoSec Innovators for 2024: https://cyberdefenseawards.com/top-infosec-innovators-for-2024/

About One Identity: One Identity delivers unified identity security solutions that help customers strengthen their overall cybersecurity posture and protect the people, applications, and data essential to business. Their Unified Identity Security Platform brings together identity and access management solutions: Identity Governance and Administration (IGA), Access Management (AM), Privileged Access Management (PAM), and Active Directory Management (AD Mgmt) capabilities to enable organizations to shift from a fragmented to a holistic approach to identity security. One Identity is trusted and proven on a global scale – managing more than 500 million identities for more than 11,000 organizations worldwide. Users can find more information here: https://www.oneidentity.com

About Cyber Defense Awards: This is Cyber Defense Magazine’s 12th year of honoring cybersecurity innovators on our Cyber Defense Awards platform. In this competition, judges for these and other prestigious awards include cybersecurity industry veterans, trailblazers, and market makers Gary Miliefsky of CDMG, Dr. Lindsey Polley de Lopez of VentureScope, Katie Gray of In-Q-Tel, Robert R. Ackerman Jr. of Allegis Cyber, Dino Boukouris of AltitudeCyber and with much appreciation to emeritus judges Robert Herjavec of Cyderes, Dr. Peter Stephenson of CDMG and David DeWalt of NightDragon. 

Top InfoSec Innovators for 2024: https://cyberdefenseawards.com/top-infosec-innovators-for-2024/ 

Users can download The Black Unicorn Report for 2024: https://cyberdefenseawards.com/the-black-unicorn-report-for-2024/

Top Global CISOs Winners for 2024: https://cyberdefenseawards.com/top-global-cisos-winners-for-2024/

Media contact: Liberty Pike, One Identity, Liberty.Pike@oneidentity.com

The post News alert: One Identity wins 2024 Cyber Defense Award: Hot Company – PAM category first appeared on The Last Watchdog.

Cheltenham, England, Dec. 4, 2024 – A majority of senior cybersecurity professionals at the UK’s largest organisations struggle with feelings of helplessness and professional despair, new research by Green Raven Limited indicates.

These negative emotions result from practitioners’ anticipation of eventual, inevitable failure to protect their organisation. Most practitioners say these same feelings spill over into and impact their personal lives.

With the standard, increasingly expensive, throw-money-at-it-and-hope-something-sticks approach to cybersecurity failing to stem global losses, practitioners yearn instead for a more precise understanding of threats so they can target budget and defences where they are needed. To meet this need and help tilt the odds back in their favour, practitioners have high hopes for new, AI-based tools.

Commissioned by specialist cybersecurity consultancy and reseller Green Raven Limited and conducted by research specialist Censuswide, the research comprised a quantitative survey of 200 cybersecurity professionals with responsibility for cybersecurity, cybersecurity teams and associated budgets in organisations of over 1,000 employees. The results showed that:

•70% of them admit to feelings of professional despair/helplessness at the inexorable rise in cyber losses. Despite being responsible for rapidly increasing cybersecurity budgets, an unhealthy majority of 59% agree that it’s “a matter of when, not if” their organisation suffers loss due to a cybersecurity breach. Almost three-quarters say they would consider a major breach as a personal failure.

•59% of respondents admit that feelings of professional despair/helplessness have a negative impact on their personal lives and/or mental health.

•Almost 70% are under pressure from senior management/boards to better justify their next annual cybersecurity budget against the actual risks and threats faced by their organisation. 66% of this cohort, and over half of all respondents, say they struggle to do so.

•Fewer than half of respondents believe their organisation is investing sufficiently in cybersecurity, despite nearly 90% of respondents reporting that their cybersecurity budgets are increasing. 47.5% describe budgets as increasing rapidly.

•79% of respondents recognize that the ‘gold standard’ process for risk and compliance management comprises the four steps of identification, assessment, treatment, and monitoring. Three-quarters of respondents say their organisation executes all four steps. Of the handful that disagreed, over half said their organisations rely instead on abbreviated methodologies based on scrutinising risks and emphasising defensive measures.

•Two-thirds of respondents say that not knowing from where the next cyberattack will come feels like permanently working with a blindfold on.

•Almost four in every five respondents expect that new, AI-enhanced tools will finally give them an advantage over threat actors in the form of better cyber threat intelligence which tells them from where an attack will likely come and/or where it will land.

Interpreting the research, Morten Mjels, CEO of Green Raven Limited, commented: “The research appears to highlight some contradictory thinking by respondents: despite the impact on their lives, ever-rising cybersecurity budgets and the belief that a breach will occur in the end anyway, respondents are still happy to say that current cybersecurity strategies are ‘sustainable’ – when their own observations clearly indicate otherwise.

“Then there’s also the pressure: practitioners believe the defences in which they are responsible for investing increasingly large amounts of money will ultimately fail to protect their organisation, and expect to feel or to be held responsible when the big breach comes. It’s the cybersecurity version of the old maxim that ‘all political careers end in failure’: many cybersecurity practitioners appear resigned to the idea that their career could hit the buffers in a similar fashion. Having that expectation dangling over your head daily can’t be healthy and it’s unsurprising that it emotionally impacts dedicated, hard-working practitioners,” he observed.

“Third, it’s uncomfortable to learn that a full quarter of respondents at these big organisations recognise that they aren’t rigorously applying the gold standard, four-step process [of identification, assessment, treatment and monitoring] to risk and compliance management. This chimes with what we observe ‘in the field’, where we frequently encounter approaches, processes and solutions which resemble a two-and-a-half step process and ultimately emphasise defensive measures – the approach that currently isn’t working.

“It begs the entwined questions of whether or not a significant number of practitioners might misunderstand the gold standard process, and whether existing solutions and practices have contributed to a watering-down of that process that practitioners haven’t noticed happening,” he said.

“Finally, it’s clear that practitioners are pinning a great deal of expectation on new or emerging AI-based solutions to tilt the field back in their favour. Since they know that bad actors will also have access to new and emerging AI-based tools, it may be that they expect some sort of cancelling-out effect to occur, resulting in the cybersecurity equivalent of a nil-nil or low-scoring draw – which the research suggests they’d bite your hand off for,” he concluded.

Helping to change the ‘ever higher walls/deeper moats’ approach to cybersecurity, Darkscope offers the world’s premier predictive cyber threat intelligence for enterprises. Its unique, award-winning, AI-powered portfolio of solutions spots cyberattacks that others can’t, and before they take place – so those responsible for cybersecurity can reinforce their cyber defences where they know they’re about to be needed. This enables practitioners and organisations to regain control of their overall cybersecurity expenditure, as well as lowering their vulnerability to a successful breach.

Of note: Green Raven Limited commissioned research specialists Censuswide to survey 200 senior cybersecurity professionals, all of whom are [a] CISO/director/head/manager of [in] their organisation’s cybersecurity team, at a UK organisation with at least 1000 employees. There are 1,960 organisations in the UK that employ at least 1,000 people, meaning the survey reached more than 10% of all organisations in scope. The survey was conducted at the end of October 2024. Read the report here.

About Green Raven Limited: Based in Cheltenham, UK and covering EMEA, Green Raven Limited is a specialist cybersecurity consultancy and reseller, applying decades of track record, experience and knowledge to bring together customers and cybersecurity solution providers. In particular, Green Raven is a white-label partner for Darkscope, the world’s premier predictive cyber threat intelligence for enterprises. Green Raven’s implementation of Darkscope’s unique, award-winning, AI-powered portfolio of solutions spots cyberattacks that others can’t, and before they take place – so those responsible for cybersecurity can reinforce their cyber defences where they know they’re about to be needed.

Media contacts: Rose Ross, rose@omarketing.com or Sarah Olney, sarah@omarketing.com, Omarketing, M: +44 (0)7976 154 597

The post News alert: Green Raven study shows cybersecurity to be a black hole in more ways than just budget first appeared on The Last Watchdog.

Tel Aviv, Israel, Dec. 3, 2024, CyberNewswire — With Sweet, customers can now unify detection and response for applications, workloads, and cloud infrastructure

Sweet Security today announced the release of its unified Cloud Native Detection and Response platform, designed to transform the way organizations protect their cloud environments in real time.

Sweet’s platform integrates the capabilities of Application Detection and Response (ADR), Cloud Detection and Response (CDR), and Cloud Workload Protection Platform (CWPP) into one comprehensive solution. This innovative approach delivers unparalleled detection and response capabilities, unifying insights from every layer of the cloud stack.

“The Sweet team has worked tirelessly to build a platform that not only meets the needs of today’s security landscape but also anticipates the challenges of tomorrow,” said Dror Kashti, CEO of Sweet. “With our supercharged detection and response capabilities, we’re providing organizations with the tools they need to secure their cloud environments faster and more effectively than ever before.”

In an era where security teams face an average dwell time of 10 days to resolve cloud incidents due to lack of context, Sweet Security empowers organizations to put detection and response at the forefront of their cloud defense strategy, providing the ability to act on threats as they happen and ensuring an incident never becomes a breach.

When detection and response is siloed between application, workload, and cloud infrastructure levels, it results in fragmented alerts that require security teams to piece together in order to understand the scope of the attack.

“Sweet Security’s Cloud Native Detection and Response platform has been a game changer for us,” said Shai Sivan, CISO at Kaltura. “The ability to unify visibility across both application activity and infrastructure changes has been crucial in gathering the forensic data we need. With average detection times of just 30 seconds and the ability to respond to incidents in 2-5 minutes, Sweet has decreased our Mean Time to Resolution (MTTR) by an impressive 90%, allowing us to respond faster and more effectively.”

In addition to unified detection and response, Sweet Security’s platform is equipped with a suite of next-generation capabilities that are powered by GenAI, including:

•Unified Cloud Visibility

•Vulnerability Management

•Runtime CSPM

•Identity Threat Detection & Response (ITDR)

James Berthoty, cloud expert and owner of Latio Tech, recently commented on Sweet Security’s unified solution, stating, “Cloud Application Detection & Response is all about combining cloud, workload, and application layer contexts into a single storyline to make incident response in the cloud finally a reality. For too long we’ve been content with mediocre visibility into our most important assets. Sweet is on the frontlines of changing that by giving teams the cross-layer visibility they’ve needed for years.”

Book a meeting with Sweet Security at AWS re:Invent 2024 in Las Vegas here.

About Sweet Security: Specializing in Cloud Native Detection & Response (D&R), Sweet Security protects cloud environments in real time. Founded by the IDF’s former CISO, Sweet’s solution unifies threats insights from cloud applications, workloads and infrastructure. Leveraging a lean, eBPF-based sensor and deep behavioral analysis, Sweet analyzes anomalies, generating vital insights on incidents, vulnerabilities, and non-human identities. Its GenAI-infused technology cuts through the noise and delivers actionable recommendations on critical, real-time cloud risks. Privately funded, Sweet is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures and an elite group of angel investors. For more information, please visit http://sweet.security.

Media Contact: Elizabeth Safran, Looking Glass Public Relations for Sweet Security, 381031@email4pr.com

The post News alert: Sweet Security releases its evolutionary Cloud Native Detection and Response platform first appeared on The Last Watchdog.

Tel Aviv, Israel, Nov. 11, 2024, CyberNewswire — Sweet Security today announced the availability of its cloud-native detection and response platform on the Amazon Web Services (AWS) marketplace.

Sweet’s solution unifies threat detection across cloud infrastructure, network, workloads, and applications. It provides deep runtime context that enables security teams to quickly extract actual attack narratives from a sea of isolated incidents.

Using Sweet, AWS Marketplace customers can detect active threats in real time and respond to them within minutes, enabling them to resolve threats with unprecedented speed – 2-5 minute MTTR – and maintain an agile and resilient environment.

AWS customers visiting AWS re:Invent 2024 in Las Vegas can book a meeting to learn more here.

“Cloud environments are noisy and complex, making them fertile grounds for attackers — deterring them requires detection and response capabilities that, to date, have been aspirational, but we’ve made them table stakes,” said Eyal Fisher, Co-Founder and Chief Product Officer of Sweet Security and former head of the Cyber Operation Center, Unit 8200 (Col., retired). “We’re delighted that our solution is now available to AWS Marketplace customers and look forward to helping them simplify the burden of cloud security and do their jobs faster and better.”

What Makes Sweet so Sweet?

Sweet Security offers detection and response for cloud native environments. Its approach is unique in how it unifies detection across cloud infrastructure, network, workloads, and applications, providing deep runtime context that cuts through the noise and delivers actual attack narratives.

Key Features include:

•Advanced threat detection and incident response (IR) across infrastructure, network, application, and workload levels.

•Vulnerability management enriched with runtime insights, reducing CVEs by 99% and putting only the critical risks in front of security personnel.

•Lean sensor technology that requires minimal resources (50 MB RAM, 0.20% CPU per node) and takes only minutes to deploy.

•30+ out-of-the-box integrations with SIEM, SOAR, notification and ticketing systems, and more.

Sweet empowers security teams to achieve a Mean Time to Detect of 30 seconds (MTTD) and a 2-5 minute Mean Time to Resolve (MTTR), transforming cloud security into a more proactive and effective discipline.

For more information, users can visit Sweet Security on the AWS Marketplace.

About Sweet Security: Specializing in Cloud Native Detection & Response (D&R), Sweet Security protects cloud environments in real time. Founded by the IDF’s former CISO, Sweet’s solution focuses on the relationships between cloud infrastructure, workloads and applications, as well as network and identity components. Leveraging a lean, eBPF-based sensor and deep behavioral analysis, Sweet analyzes anomalies, generating vital insights on incidents, vulnerabilities, and non-human identities. Its GenAI-infused technology cuts through the noise and delivers actionable recommendations on critical, real-time cloud risks. Privately funded, Sweet is backed by Evolution Equity Partners, Munich Re Ventures, Glilot Capital Partners, CyberArk Ventures and an elite group of angel investors. For more information, please visit http://sweet.security.

Media contact: Chloe Amante, Account Director, Montner Tech PR, camante@montner.com

The post News alert: Sweet Security rolls out its advanced runtime detection and response platform for AWS first appeared on The Last Watchdog.