The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of August 25. This curated list features endpoint security and network monitoring vendors such as Auvik, Dope Security, Hewlett Packard Enterprises, and more.
Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.
Widget not in any sidebars
Endpoint Security and Network Monitoring News for the Week of August 25
Auvik Announces Partnership with Jenne
Auvik, a provider of cloud-based network management software, this week announced a new partnership with Jenne Inc., a value-added technology solutions distributors and cloud services brokerage. Together, Auvik and Jenne will deliver network management and SaaS monitoring solutions to value-added resellers (VARs), managed service providers (MSPs), integrators and telephony service provider companies, ultimately serving small and medium-sized businesses.
Fortress Adds Former Congressman John Katko to Its Advisory Board
John Katko, a former U.S. Congressman and New York Republican has joined the advisory board of Fortress Information Security (Fortress), a vendor of critical supply chain cyber security. Katko joins advisory board members Norm Willox, Ben Miron, Emily Murphy, Brian Harrell, and Anna Cotton. Katko, an original co-sponsor of the legislation that created the Cybersecurity and Infrastructure Security Agency (CISA) and a driving force behind the multiple increases in funding CISA received after its inception. He offers a unique perspective on how policy and legislation can drive industry action on cybersecurity.
DoControl Launches SaaS to SaaS Remediation Workflows
DoControl, an SaaS security platform, announced the launch of its SaaS to SaaS Remediation Workflows. The new expansion will extend its offering for SaaS to SaaS critical capabilities and initiate on-demand, scheduled, and fully automated remediation workflows to minimize the risk of cybersecurity supply-chain attacks originated from SaaS OAuth tokens. Deploying DoControl’s SaaS to SaaS Remediation Workflows is straightforward and will provide DoControl’s SSP users with a comprehensive and holistic remediation process through discovery, control, and automated remediation.
Dope Security Adds Shadow IT Monitoring Capability
This week, Dope Security, an endpoint security solutions provider, announced that it has added a shadow IT monitoring capability to its secure web gateway (SWG) offering, dope.swg. Dubbed Extended Shadow IT, the new feature is designed to help organizations keep track of when employees use unapproved IT resources, violating company policies on data security, privacy, or compliance. Monitoring personal and corporate types of access will allow organizations to monitor if and how much corporate data is being transferred to personal accounts. The dope.swg subscription gives users complete access to all of Dope’s secure web gateway features. This includes integrated URL filtering, SSL inspection with one-click error bypass, instant policy push, extended shadow IT monitoring, comprehensive cloud application controls, and customizable user and group-based policies.
Asimily Announces New Report; Quantifies Hospitals’ IoT and IoMT Cybersecurity Risk
Asimily, an Internet of Things (IoT) and Internet of Medical Things (IoMT) risk management platform, this week announced the availability of a new report: Total Cost of Ownership Analysis on Connected Device Cybersecurity Risk. The full report highlights the unique cybersecurity challenges that healthcare delivery organizations (HDOs) face and the true costs of their IoT and IoMT security risks. HDOs have a low tolerance for service interruptions to network-connected devices and equipment because of their crucial role in patient outcomes and quality of care. Resource-constrained HDO security and IT teams continue to face operational difficulties in sufficiently securing critical systems from increasingly-sophisticated attacks, as their vast and heterogeneous IoMT device fleets complicate management and, left unchecked, offer a broad attack surface. The report concludes that adopting a holistic risk-based approach is the most cost-efficient and long-term-effective path for HDOs to secure their critical systems and IoMT devices.
Hewlett Packard Announcement: YMCA of Greater Boston Chooses Aruba Instant On for Network Infrastructure
Hewlett Packard Enterprise announced this week that the YMCA of Greater Boston has updated its networking infrastructure with the Aruba Instant On small- and medium-sized business (SMB) portfolio. This enables the organization to support a growing number of Internet of Things (IoT) devices and other connected applications, while providing facility-wide connectivity for its members and visitors. The deployment is also reducing network management costs by 50 percent. As one of the largest private social services providers in Massachusetts, with an annual operations budget of over $84M, the YMCA of Greater Boston is utilizing its new network across 24 locations to innovate and digitize operations and provide guest Wi-Fi to more than 70,000 members and a total of nearly 2 million annual visits by members, program participants, visitors, and business partners.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Contributed Content Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry thought leaders together to publish the web’s leading insights for enterprise technology practitioners.
US Cyber Trust Mark VS EU Cyber Resilience Act
Carsten Gregersen of Nabto examines the US Cyber Trust Mark, the EU Cyber Resilience Act, and what they both mean for IoT security. Finally, cybersecurity rules are coming to the Internet of Things (IoT). Following a decade of simultaneous endpoint and hacker growth, minimum cybersecurity thresholds will soon be in place for device vendors on either side of the Atlantic. Last month, The Biden Administration announced The Cyber Trust Mark, a consumer checkmark for digital products that meet required thresholds. Meanwhile, European leaders are currently debating The Cyber Resilience Act, legislation that will enshrine strong cybersecurity into law. But what impact will these rules have on device creators and consumers? And what differs between each jurisdiction? Let’s explore.
Learning from MOVEit: What to Do When a Zero-Day is Identified
Pandian Gnanaprakasam of Ordr examines what we can learn from MOVEit and what to do when a zero-day event is identified. Disclosure of the MOVEit managed file transfer software vulnerability sent companies scrambling to identify, contain and patch the potentially disastrous security issue. It’s a big problem– MOVEit is used by thousands of companies, including an estimated 1,700 software companies and 3.5 million developers. MOVEit is also significantly used in the healthcare industry, with HHS taking the extraordinary step of issuing an alert about the vulnerability. Are we exposed? Do we use it? Have these vulnerabilities already been exploited in my network? How deeply have the hackers penetrated my network– and how much data has already been exfiltrated? These are the questions asked immediately after a vulnerability of this sort is identified. Despite vulnerability disclosures of this magnitude happening often (remember how Log4j ruined IT teams’ December holidays a couple of years ago?), many companies need help to see if they are exposed and how deep the exposure might be. While it’s easy to ask questions about a zero-day vulnerability like this, finding the answers — and ensuring you’re better prepared for future unexpected disclosures like this — takes some work.
PCI DSS 4.0: Why Pen Testing is Key for Compliance
Eren Cihangir of Outpost24 makes the argument for why pen testing will be the key to meeting PCI DSS 4.0 Compliance. In a world where cyber-attacks are rife, and data breaches are an unfortunate daily occurrence, we’ve witnessed the disastrous impact when credit card information is breached. In 2017, the Equifax data breach exposed over 209,000 credit card details and impacted over 147 million people. The aftermath resulted in Equifax settling with regulators for $700 million. In 2019, Capital One (the fifth largest credit card issuer in the US) suffered a hack that compromised 106 million customers across the US and Canada. If we look more recently, HRM Enterprises, which owns the US’s largest independent hardware store, had 40,000 credit cards stolen because of a cyber-attack. To ensure that all merchants, credit card providers, and services that process, store, or transfer credit card data keep such information secure, they must adhere to the Payment Card Industry Data Security Standard (PCI DSS). This sets out the cybersecurity and privacy requirements to ensure these organizations maintain a safe environment. The compliance requirements are regularly being updated, with PCI version 4.0 announced in March 2022, with a deadline of March 31, 2024, for all organizations to be compliant.
Widget not in any sidebars
The post Endpoint Security and Network Monitoring News for the Week of August 25; Auvik, Dope Security, Hewlett Packard Enterprises, and More appeared first on Solutions Review Technology News and Vendor Reviews.