In the news, we discuss how Okta is launching offerings for threat detection and remediation, Tenable extends Lumin to all platform customers, Signal Sciences announces integration with Pivotal Container Service, and how Thoma Bravo made a 3.9 Billion dollar offer to acquire Sophos!
Visit https://www.securityweekly.com/esw for all the latest episodes!
To learn more about our sponsors visit: The Security Weekly Sponsor’s Page
- Okta launches offerings for threat detection and remediation – Okta is introducing two features of SecurityInsights: UserInsight, suspicious activity reporting for end-users, and HealthInsight, customized, dynamic security best practice recommendations for administrators. These end-user and administrator functionalities build on Okta’s ThreatInsight, network effect-driven protection that prevents threat actors from compromising user accounts by identifying and blocking malicious IPs pre-authentication.
- Tenable Extends Lumin to All Platform Customers – The Cyber Exposure score is an objective measure of cyber risk, derived through data-science based measurement of vulnerability data together with other third-party data such as threat intelligence and asset criticality. The score is automatically generated through machine learning algorithms which combine the vulnerability with its likelihood of exploitability and the related asset’s business criticality.
- Thoma Bravo makes $3.9 billion offer to acquire Sophos – CEO Kris Hagerman, as you would expect, put the deal in the brightest possible light. “Sophos is actively driving the transition in next-generation cybersecurity solutions, leveraging advanced capabilities in cloud, machine learning, APIs, automation, managed threat response, and more. We continue to execute a highly-effective and differentiated strategy, and we see this offer as a compelling validation of Sophos, its position in the industry and its progress,”
- Radware’s Kubernetes WAF Enables DevOps Organizations to Develop and Deliver Applications Securely Without Compromising Agility – Radware Kubernetes WAF is currently the only solution offering an auto policy generation and optimization engine for application security in Kubernetes environments, enabling protection against known threats and zero-day attacks alike. It provides data leakage protection across web applications and APIs and gives both DevOps and Security teams unprecedented visibility including security events and policies, application telemetry, network statistics, performance and minimal latency. The solution enables single termination of TLS traffic only at the host level and thus eliminates the need to manage multiple certificates across different parties.
- Announcing GraphQL Security Scanning – GraphQL makes it easy to decouple user interface needs from a backend API server by offering a buffet of data and relationships without restricting the format to a specific JSON payload. Nowadays UI developers can iterate quickly, but this puts extra load on API server engineers to make a performant, and most importantly safe, GraphQL API. One huge advantage of GraphQL APIs is that they are self-documenting. Most GraphQL APIs can be introspected to pull out the types, fields, and mutations. This can make it a joy to work with a tool like GraphiQL to explore an API, but also makes it very easy to get started scanning.
- Signal Sciences Announces Integration with Pivotal Container Service
- CounterFlow AI launches ThreatEye, an open, scalable AIOps platform – Differentiators are important: “Based on an AIOps-powered platform, ThreatEye enables machine learning and artificial intelligence to go to work for security analysts and provide them instant access to the hard facts sooner,” said Randy Caldejon, chief executive and co-founder at CounterFlow AI.
- Acronis’ integrated stack of solutions provides edge, endpoint, and data center workloads protection – Acronis Cyber Protect, integrates seven key cyber protection capabilities into one easy-to-use solution – including backup, disaster recovery, AI-based protection against malware, data authenticity certification and validation, vulnerability assessments, patch management, and remote monitoring and management.
- We have exciting news about the Security Weekly webcast program: We are now partnered with (ISC)2 as an official CPE provider! If you attend any of our webcasts, you will be receiving 1 CPE credit per webcast! Register for one of our upcoming webcast with Zane Lackey of Signal Sciences, Ian McShane from Endgame, or Stephen Smith and Jeff Braucher of LogRhythm (or all 3!) by going to securityweekly.com/webcasts If you have missed any of our previously recorded webcasts, you can find our on-demand library at securityweekly.com/ondemand