Infosec products of the month: May 2024

The Third-Party Intelligence module combines vendor-specific cyber threat intelligence with cybersecurity posture data from suppliers' tech environments, exposing a critical blind spot for security teams.
Synopsys Polaris Assist automates repetitive, time-consuming tasks for security and development teams.
Polaris Assist combines Large Language Model technology with Synopsys' application security knowledge and intelligence - including coding patterns, vulnerability detection rules, and Black Duck's vast open source knowledge base - to provide security and development teams with easy-to-understand summaries of detected vulnerabilities, AI-generated code fix recommendations, and other insights to help them build more secure software faster.
Secure Code Warrior SCW Trust Score quantifies the security posture of developer teams.
Secure Code Warrior unveiled SCW Trust Score, a benchmark that quantifies the security posture of organizations' developer teams.
SCW Trust Score provides a vital baseline of the impact of their learning programs, assesses its effectiveness, and enables security, developer and engineering teams to more effectively collaborate and recalibrate skills training.
Splunk announced Splunk Asset and Risk Intelligence, a solution designed to power the SOC of the future by helping businesses streamline compliance, reduce cyber risk and eliminate the sources of shadow IT. It allows security operations teams to map relationships between assets and identities to expedite investigations, enabling rich asset and identity context for faster security incident response.
With Singularity Cloud Native Security, SentinelOne provides a comprehensive CNAPP that blocks attacks, combining its Cloud Native Security with AI-powered Cloud Workload Security and Cloud Data Security threat protection products to deliver visibility and mitigation capabilities in a single cloud security platform.
Sumo Logic's analytics capabilities allow security teams to find insights within their data.
Sumo Logic announced new AI and security analytics capabilities that allow security and development teams to align around a single source of truth and collect and act on data insights more quickly.
These advancements empower customers to use their critical security data to close security gaps and better fuel DevSecOps.
Cranium AI Exposure Management empowers organizations to identify vulnerabilities in AI infrastructure, ensuring the security and reliability of machine learning applications and supercharge red-teaming efforts to discover novel threats, inform protection strategies, and harden AI systems against known adversarial tactics and vulnerabilities to help secure AI/LLM development and usage.
Forcepoint ONE Data Security simplifies data protection with zero-trust principles for all organizations.
The new Forcepoint SaaS solution provides unified management for endpoint and multi-channel cloud data security, eliminating the need for multiple tools and complex policy management.
Forcepoint offers a single place to manage data security policy for global compliance and proactive breach prevention across all digital channels.
OWASP dep-scan: Open-source security and risk audit tool.
OWASP dep-scan is an open-source security and risk assessment tool that leverages information on vulnerabilities, advisories, and licensing restrictions for project dependencies.
PlexTrac Plex AI helps offensive security teams write reports.
Plex AI applies PlexTrac's algorithms to scale findings development and authoring, saving countless hours in manual proactive security report development while ensuring the quality and data integrity that leading MSSPs, MSPs, and enterprises demand.
Adaptive Shield has extended the capabilities of its SaaS Security Posture Management unified platform to cover complex Permissions and Shared Data.


This Cyber News was published on www.helpnetsecurity.com. Publication date: Mon, 03 Jun 2024 03:13:05 +0000


Cyber News related to Infosec products of the month: May 2024

AuditBoard enhances InfoSec Solutions to reduce compliance fatigue across the organization - AuditBoard announced powerful enhancements for its InfoSec Solutions to help organizations meet their IT compliance, cyber risk, and vendor risk management needs in the face of rising risks and increased regulatory requirements. With these new ...
1 month ago Helpnetsecurity.com
9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
6 months ago Esecurityplanet.com
Infosec pros sound off on usefulness of higher education The Register - Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half said the know-how was at least very useful. The ...
4 months ago Go.theregister.com
Infosec pros sound off on usefulness of higher education The Register - Half of infosec professionals polled by Kaspersky said any cybersecurity knowledge they picked up from their higher education is at best somewhat useful for doing their day jobs. On the other hand, half said the know-how was at least very useful. The ...
4 months ago Theregister.com
What is Certified information Security Manager? Definition from SearchSecurity - Certified Information Security Manager is an advanced certification that indicates that an individual possesses the knowledge and experience required to develop and manage an enterprise information security program. CISM is offered by ISACA, a ...
2 months ago Techtarget.com
Netskope Report Surfaces Raft of Cybersecurity Challenges - A report published by Netskope today revealed that, on average, 29 out of every 10,000 enterprise users clicked on a phishing link each month in 2023. Based on anonymized usage data collected by the Netskope Security Cloud platform, the report also ...
5 months ago Securityboulevard.com
Ransomware Attacks in November Rise 67% From 2022 - Global levels of ransomware attacks rose 30% in November, with a total of 442 attacks, following a lower volume of attacks in October according to NCC Group's November Threat Pulse. As the third most active month of the year, ransomware levels in ...
5 months ago Darkreading.com
Ransomware review: December 2023 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In November there were 457 total ransomware victims, making it the most active month for ransomware gangs in 2023 so far besides May. The top ...
6 months ago Malwarebytes.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
4 months ago Go.theregister.com
Wait, infosec isn't a computer science degree requirement? The Register - Comment There's a line in the latest plea from CISA - the US government's cybersecurity agency - to software developers to do a better job of writing secure code that may make you spit out your coffee. Jack Cable, a CISA senior technical advisor, ...
4 months ago Theregister.com
Vulnerability Summary for the Week of March 11, 2024 - Published 2024-03-15 CVSS Score not yet calculated Source & Patch Info CVE-2021-47111416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - Product linux - linux Description In the ...
2 months ago Cisa.gov
Join us at InfoSec Jupyterthon 2024 - Jupyter notebooks are continuing to grow in popularity in information security as an alternative or supplement to mainstream security operations center tools. Notebooks can be used interactively for threat detection and response, or as automated ...
4 months ago Microsoft.com
Vulnerability Summary for the Week of January 15, 2024 - This vulnerability affected all versions of GitHub Enterprise Server and was fixed in versions 3.11.3, 3.10.5, 3.9.8, and 3.8.13 This vulnerability was reported via the GitHub Bug Bounty program. Successful attacks require human interaction from a ...
4 months ago Cisa.gov
Social engineering in the era of generative AI: Predictions for 2024 - Breakthroughs in large language models are driving an arms race between cybersecurity and social engineering scammers. For businesses, generative AI is both a curse and an opportunity. It's not just AI models themselves that cyber criminals are ...
1 month ago Securityintelligence.com
Vulnerability Summary for the Week of March 4, 2024 - Published 2024-03-06 CVSS Score not yet calculated Source & Patch Info CVE-2023-52584416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67416baaa9-dc9f-4396-8d5f-8c081fb06d67 PrimaryVendor - ...
3 months ago Cisa.gov
Ransomware review: January 2024 - This provides the best overall picture of ransomware activity, but the true number of attacks is far higher. In February, there were 376 ransomware victims, marking an unusually active month for the historically subdued time period. February didn't ...
3 months ago Malwarebytes.com
December 2023 Patch Tuesday forecast: 'Tis the season for vigilance - Many in the retail industry have placed our systems in 'lockdown' since before Thanksgiving to ensure we don't interrupt ongoing sales. They won't be able to update them until after the holidays, but that doesn't mean they can't respond to threats. ...
6 months ago Helpnetsecurity.com
Week in review: Google fixes yet another Chrome zero-day exploit, YouTube as a cybercrime channel - Google fixes yet another Chrome zero-day exploited in the wildFor the eighth time this year, Google has released an emergency update for its Chrome browser that fixes a zero-day vulnerability with an in-the-wild exploit. Authelia: Open-source ...
2 weeks ago Helpnetsecurity.com
Cybercrime Groups Offering Six-Figure Salaries for IT Talents - Increasingly, organized crime organizations are operating as businesses rather than criminal organizations, advertising jobs on the dark web with a number of advantages for members. A recent Kaspersky study found that 61% of job ads posted by hacking ...
1 year ago Cybersecuritynews.com
Another Patch Tuesday with no zero-days, only two critical vulnerabilities disclosed by Microsoft - For the second month in 2024, there are no actively exploited vulnerabilities included in this month's security update from Microsoft. Still, both critical vulnerabilities addressed this month are notable because they affect Windows Hyper-V, ...
3 months ago Blog.talosintelligence.com
CVE-2024-37051 - GitHub access token could be exposed to third-party sites in JetBrains IDEs after version 2023.1 and less than: IntelliJ IDEA 2023.1.7, 2023.2.7, 2023.3.7, 2024.1.3, 2024.2 EAP3; Aqua 2024.1.2; CLion 2023.1.7, 2023.2.4, 2023.3.5, 2024.1.3, 2024.2 ...
4 days ago Tenable.com
Patch Tuesday, March 2024 Edition - Apple and Microsoft recently released software updates to fix dozens of security holes in their operating systems. Microsoft today patched at least 60 vulnerabilities in its Windows OS. Meanwhile, Apple's new macOS Sonoma addresses at least 68 ...
3 months ago Krebsonsecurity.com
Cisco intros AI to find firewall flaws, but it'll cost you The Register - Cisco's executive veep for security Jeetu Patel has predicted that AI will change the infosec landscape, but that end users will eventually pay for the privilege of having a binary brainbox by their side when they go into battle. Speaking at the Asia ...
6 months ago Go.theregister.com
How to Enrich Data for Fraud Reduction, Risk Management and Mitigation in BFSI - To stay ahead of these challenges, organizations are increasingly relying on data products to enrich their data and enhance their fraud reduction and risk management strategies. The Data Revolution in BFSI. Data is the lifeblood of the BFSI sector. ...
4 months ago Securityboulevard.com
6 Best Cybersecurity Training for Employees in 2024 - Cybersecurity awareness training programs are comprehensive, long-term products that show your workforce how to spot security threats and potential attacks. Cybersecurity training products typically offer informational videos, quizzes, and phishing ...
5 months ago Esecurityplanet.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)