Kenna Security deployed its new data-driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind. These risk-based SLAs will draw on Kenna’s data and experience collected in over a decade of cybersecurity. Kenna.VM comes with CrowdStrike’s Falcon Spotlight endpoint detection and Twistlock container security tool. The product offers a strong analytical source from which to manage and understand your business’s security risk tolerance and security level.
Source: SoftwareReviews Kenna Security, Accessed May 7, 2020
Kenna Security’s goal is to help an organization determine what risk level is acceptable for their business. By understanding your appropriate risk tolerance level, Kenna Security can recommend appropriate SLAs that are based on risk and a data-driven approach, not recommendations based on arbitrary timelines. As Jason Rolleston, chief product officer at Kenna Security said, “effective cybersecurity is about managing acceptable risk.” In conjunction with CrowdStrike and Twistlock, Kenna Security offers an accurate picture of a company’s security risk landscape.
The vendor also provides Kenna.VI, which is a research tool to be used in tandem with Kenna.VM. Kenna.VI’s database is based on years of research conducted by Kenna Security and its partners. Companies can use this to search for Common Vulnerabilities and Exposures (CVEs) that are being exploited. This allows for businesses to prepare their security networks for these contingencies and harden their defenses in relation to the vulnerabilities that they are most likely to face. Thus, Kenna.VI saves team resources and cuts down on spending.
Any security program offered in a bundle will often provide a comprehensive overview of the security status of a business. This is for two reasons. First, patch data can come from a multitude of sources, not just internal scanners and, by partnering with additional cybersecurity partners, Kenna Security’s analysis of a business’s internal security tolerance and vulnerabilities comes from multiple sources, increasing the fiduciary relationship of each data set.
Second, Kenna.VM is designed to be as simple as possible for IT and security to interact with one another. The Hierarchical Risk Meters (HRMs) show intuitive visualization of the organization’s assets. These HRMs can also dig deeper to analyze CVE score histories – offering even more clarity into the risks the business faces and how security has changed over time. Kenna.VM and VI, together with their partners, offer a great depth of knowledge and resources for businesses to use to understand their security risk and tolerance. Especially important is knowing what unique threats your business faces. When a budget is tight, being able to redirect funding to known threat vectors instead of a generalized program is an excellent cost-savings method while still addressing the security needs of the business.
The principle of having only one vendor as part of your vulnerability management platform was the norm for a long period of time. More and more, we are seeing vendors combining their strengths by working with other vendors as a package deal to augment and enhance any failing between their offerings. On the consumer end, the benefits of multiple vendors working to secure your network gives you more eyes on the scene, alternative perspectives, and insights that would have otherwise been missed.
The Department of Justice is looking to acquire a GRC tool for the Office of the CIO within the FBI’s Enterprise Information Security Section.
Google has identified “unsafe” code in the Chromium web browser engine. This flaw introduces a potential vulnerability that effects Google Chrome, as well as all Chromium-based web browsers.
The International Association of Privacy Professionals (IAPP) has released its 2020 Privacy Tech Vendor report, reviewing key software solution vendors within the space. This year’s report highlighted the recent addition of Data Subject Request (DSR) to the feature categories.
Among the full set of features available in Zecurion’s new DLP product is the ability to perform user behavior analytics to help spot data loss events before they occur.
Zecurion has one of the most robust DLP products on the market and this fact was recently recognized by SC Magazine, who placed the product in its “pick-of-the-litter" category for DLP.
In early March, Titus released Titus Illuminate 2020, which was the company’s answer to the question of analyzing data at rest. This latest version of Illuminate leverages machine learning and AI in an effort to manage data that contains potentially sensitive or high-risk personal information.
More than ever, cybersecurity solutions are core to any MSPs offering. No longer should technology service providers be farming this out to dedicated security providers. Trust and peace of mind are the core tenets of what they are selling and solutions like Acronis Cyber Protect Cloud can provide the platform upon which to deliver on those promises.
PHEMI is a data privacy solution focused on keeping data-processing activities secure by redacting information based on the role of the accessor. Thus, allowing such data to be used for multiple use cases without compromising privacy.
“Connected reporting capabilities, control testing, real-time collaboration, cloud-based access, stringent security measure and permissions controls” are considered the leading factors behind CFGI offering Workiva to its clients.