7 minute read
Sophos Intercept X Endpoint
Sophos Intercept X Endpoint Protection for 5G PCs
Sophos has today announced its plans to provide Sophos Intercept X endpoint protection for 5G PCs powered by Qualcomm Snapdragon compute platforms from Qualcomm Technologies, Inc. The combination of Sophos Intercept X with Snapdragon compute platforms will provide users next-generation security through an always-on, always-connected PC environment.
Advertisement
Snapdragon compute platforms enabling 5G connectivity to build on smartphone technology to deliver premium performance and efficiency to 4G and 5G cellular-connected thin and light fanless laptops. Sophos Intercept X is designed to protect advanced computing systems and endpoints, stopping the latest cybersecurity threats with deep learning AI and anti-ransomware capabilities. Sophos expects Intercept X for Snapdragon compute platforms to be available in the second half of 2021.
“An always-on, always-connected, interactive computing environment that combines smartphone and PC technology delivers unique security capabilities and opportunities,” said Joe Levy, chief technology officer, Sophos. “Mobile devices historically have experienced far fewer security incidents than PCs powered by traditional architectures. It’s certainly not because they aren’t ubiquitous, but rather because of their modern architecture that offers overall predictability relative to PCs, enabling application vendors to design high-performance and secure software. Snapdragon compute platforms mark a major step forward because they provide all the utility and performance of a PC, but with many of the benefits associated with modern mobile computing devices. Security loves predictability, and Sophos is excited to be a part of securing this next-generation computing platform.”
Sophos Intercept X will also:
• Leverage Connected Standby for continuous communication with a fleet of Snapdragon-powered PCs so that security investigations have fewer unknowns as data won’t be missed due to devices being offline • Use AI acceleration through the
Qualcomm AI Engine to compile increasingly AI-dependent software real-time on a device with optimizations to run faster and more power-efficient, which is important when devices are running on a battery • Harness the hardware-level root of trust to ascertain device and cryptographic integrity in order to create strong identity bindings
“Now, in addition to enabling always on, always connected PC experiences, our 5G-enabled Snapdragon compute platforms bring next-generation security innovation rooted in our advanced AI and 5G connectivity capabilities,” said Miguel Nunes, senior director, Product Management, Qualcomm Technologies, Inc. “By working with Sophos, we are taking on-device security to a new level by enhancing their industry-leading endpoint protection with AI accelerated threat detection on our solutions. We’re excited for Sophos to transform computing with next-generation enterprise-grade security on 5G powered Snapdragon compute platforms.” Mimecast has announced its API and Alliances program has hit a new milestone and now offers 60 out-ofthe-box and custom integrations with security technology partners such as CrowdStrike, IBM Security, Netskope, Palo Alto Networks, Rapid7, ServiceNow, and Splunk. Integrations are designed to allow organizations to gain greater insights into their threat landscape, reducing complexity, minimizing risk, and improving threat detection and response.
Through Mimecast’s robust set of API integrations, organizations can incorporate Mimecast Threat Intelligence into their broader security ecosystem. This integrated threat intelligence helps increase the efficacy of the tools used to protect the enterprise. Additionally, organizations looking to automate repetitive tasks can use Mimecast’s APIs and integrations with SOAR, ITSM, and internal systems to significantly reduce the meantime to remediate.
“A dramatic increase in the volume and success of phishing, business email compromise, and other types of cyberattacks, requires organizations to reevaluate their security controls and processes. The average enterprise organization has 75 security solutions in its ecosystem, which is difficult to manage efficiently if not integrated,” said Jules Martin, vice president, ecosystem & alliances at Mimecast. “More than half of our enterprise customers are using one or more of our pre-built integrations, some as many as five.”
Mimecast recently hosted SecOps Virtual, an event where customers and technology partners explored how to optimize Mimecast and other security investments with high-impact API integrations. Event sponsors CrowdStrike, Netskope, Palo Alto Networks, Rapid7 and Splunk led educational breakout sessions with actionable recommendations.
Mimecast Ecosystem Now Offers Over 60 Cybersecurity and Compliance Integrations
Check Point Software Expands its Unified Cloud Security Platform
Check Point Software Technologies has extended the capabilities of its unified CloudGuard Cloud-Native Security platform with the launch of new CloudGuard Application Security (AppSec), a fully automated web application and API protection solution, enabling enterprises to secure all their cloud-native applications against both known and zero-day attacks. CloudGuard AppSec, part of the CloudGuard Workload Protection capabilities, eliminates the need for manual tuning and high rate of false-positive alerts associated with legacy Web Application Firewalls (WAFs), using contextual AI to prevent attacks from impacting cloud applications and enabling enterprises to take full advantage of cloud speed and agility.
Web application breaches doubled in 2020 but legacy rule-based WAFs cannot keep up with the speed at which today’s cloud-native applications evolve. These first-generation approaches rely on threat signatures and complex manual rule tuning. This problem is magnified as organizations move to run containerized apps: a 2020 container usage study found that 49% of all containers are live for less than 5 minutes, and 21% for less than 10 seconds. These rapid changes cause legacy WAFs to produce an unsustainable overload of false positive alerts and manual admin work, often forcing security teams to leave these solutions in ‘alert only’
“Web applications are increasingly targeted by criminals, but traditional WAFs are simply unable to keep pace with the speed at which today’s cloud apps change and demand constant manual management, which leaves organizations dangerously exposed to attacks and costly breaches,” said TJ Gonen, Head of Cloud Product Line, at Check Point Software. “Our strategy is to help enterprises secure their most critical workloads – their applications and data – with a unified platform that protects all workloads, including serverless functions and containers, from code to application runtime, all at the speed of DevOps. CloudGuard AppSec simply automates all aspects of application security, with virtually no need for ongoing management, in any cloud environment or infrastructure.”
Vectra Extends Cloud Identity Detection Capabilities with Microsoft Azure AD
Vectra AI has announced enhanced cloud identity detection capabilities using Azure AD within its Cognito Detect for Office 365. By integrating at the identity layer, Vectra gives complete cloudto-ground security coverage over an organization’s entire SaaS ecosystem. This single configuration effectively puts an end to lateral movement between ground and cloud.
In the rapidly adopted remote work environment, data is stored and distributed across countless cloud applications. For many organizations, Azure AD holds the keys to the kingdom because it is leveraged for federated authentication to their SaaS applications. The adoption of Azure AD reached 425 million active users by the end of 2020 and last month Microsoft reported a 50 percent increase in Azure sales in its second fiscal quarter of 2021.
This means that compromising a single Azure AD account can give an attacker access to a vast trove of data housed across multiple SaaS applications. With the Vectra extended support for Azure AD, Cognito Detect for Office 365 fills an unanswered security gap by drastically reducing the consequences of a largescale supply chain breach while offering a simple and comprehensive way to secure users’ cloud identities.
“Organizations must be able to see and stop attacks that have circumvented preventative controls, including multifactor authentication (MFA), to gain access to their network and data. This starts with monitoring account usage for attack behavior and intent,” said John Mancini, Sr. Product Manager. “By using artificial intelligence to analyze how accounts are being used, we find attack behaviors in Azure AD to detect and stop account takeovers before an attack can compromise SaaS applications.”
Vectra is the first NDR solution to offer universal control over data and identities to meet growing privacy and compliance concerns. Other security solutions require configuration on a per-app basis for security coverage, which is too cumbersome and time-consuming to benefit organizations in the long-run or in the throes of a breach. Vectra integrates directly with Azure AD, giving full coverage of all federated SaaS applications. Stopping attackers earlier in the kill chain.
The adoption of public cloud services has skyrocketed within the past year, with Canalys reporting that the worldwide cloud market grew by 33 percent in Q3 2020 alone. This rapid cloud migration has led to a massive gap in visibility where traditional security solutions are unable to see what happens in the cloud. To combat this, Vectra offers patented, industry-leading behavioral detections for cloud identity to secure SaaS applications from account takeovers and malicious insider attacks.
