AWS Lambda New Features, ServiceNow Integration, & Zscaler Acquires Smokescreen – ESW #229
This week in the Enterprise News, Paul and the Crew talk: Secure and monitor AWS Lambda with new, unrelated features from Datadog and Imperva, ServiceNow integrates with Microsoft solutions, SentinelOne wins two awards, Reducing risk with IAM, Kemp launches Zero Trust, AWS launches another container product, Zscaler acquires Smokescreen, Sumo Logic acquires DFLabs, Uptycs, Salt Security and SpecTrust secure funding... & more!
Announcements
Security Weekly is more than happy to announce that we will be at InfoSec World 2021 IN PERSON October 25th-27th, 2021! This year, our annual partnership with InfoSec World is extra special, as we are both business units under the CyberRisk Alliance brand! What does that mean for Security Weekly listeners & InfoSec World attendees? You will get to see and hear from many of the Security Weekly team at the event AND you will save 20% on your world pass! Visit https://securityweekly.com/isw2021 to register using our discount code!
Hosts
- 1. Datadog’s AWS Lambda extension allows customers to collect telemetry from serverless applications – Help Net Security "Datadog’s AWS Lambda extension allows customers to collect telemetry from serverless applications. Developers can quickly add custom business metrics, distributed tracing, and collect logs from serverless applications to identify and diagnose errors before they impact customer experience. Datadog Serverless Monitoring supports all official AWS Lambda runtimes, ensuring that every team has visibility into their services."
- 2. Imperva introduces Serverless Protection to secure serverless computing functions – Help Net Security "Protection against malicious activity: Purpose-built for serverless computing, Imperva uniquely enables a positive security model that provides protection against malicious changes, like zero-day exploits, within the function. Deployed as an AWS Lambda layer, it can be deployed once and applied to multiple AWS Lambda functions. Visibility and protection from internal and external code vulnerabilities: Imperva Serverless Protection secures serverless functions from vulnerabilities embedded in first and third-party code — the underlying risk factor that can trigger a software supply chain attack. It effectively monitors and blocks vulnerabilities without elaborate or manual steps involved. OWASP Serverless Top 10 coverage: Imperva Serverless Protection offers protections from misconfigurations, code-level risks, injections and weaknesses. It stops HTTP response splitting and method tampering, code injection, and other complex threats. It also monitors for insecure cookies and transport, logging of sensitive information, unauthorized network activity, weak authentication, and other potential vulnerabilities. Deep visibility into security incidents at the application layer: Imperva Serverless Protection runtime monitoring gathers log-level information to provide forensic detail so security teams can fully understand the context of every attack with virtually no impact on latency. It also identifies and maps third-party dependencies used during runtime."
- 3. Jay Chaudhry: Zscaler Aims to Extend Zero Trust Architecture Through Smokescreen Acquisition – GovCon Wire "Smokescreen designed its platform to help customers protect networks, applications and endpoints with deception decoys."
- 4. Sumo Logic Completes Acquisition of DFLabs to Further Expand Cloud SIEM and Automation for Hybrid Cloud Customers and Managed Service Providers "With the combined expertise and technology of Sumo Logic and DFLabs, we are well-positioned to continue to drive our momentum and leadership as the cloud-native SIEM of choice, which will now include a leading SOAR for customers and managed service providers of all sizes and maturities."
- 5. ServiceNow backs $50M round for cybersecurity startup Uptycs – SiliconANGLE "Uptycs provides what it describes as the first product in the cloud-native security analytics category that detects hacking attempts across both cloud workloads and endpoints such as employee devices. Normally, companies must use separate security tools to protect cloud workloads and endpoints. Consolidating a workflow normally spread across multiple applications into a single platform can improve administrators’ productivity by removing the need to switch back and forth among different interfaces."
- 6. Salt Security Raises $70 million in Series C Funding "Salt Security offers a unique approach to API security with its flagship solution, the Salt Security API Protection Platform. The big data engine and AI and ML at the heart of the Salt C-3A Context-based API Analysis Architecture automates the continuous discovery of APIs and exposed sensitive data, stops API attackers during their reconnaissance activities, and delivers remediation insights. Needing no agents, software changes, or inline code, the patented Salt platform deploys quickly, with no impact on application performance."
- 7. SpecTrust raises $4.3M to unify people and data in the fight against cybercrime – Help Net Security "SpecTrust’s no-code platform allows risk teams to deploy, optimize, and enforce layered cybercrime defenses with zero engineering required. Advanced capabilities are normally only accessible to the largest companies in the world; SpecTrust allows businesses of any size to rapidly mature fraud detection and prevention capabilities, optimize onboarding compliance processes and vet user identity with continuous risk and trust assessments."
- 8. ServiceNow delivers new security integrations with Microsoft to automate security workflows – Help Net Security "New integrations with the ServiceNow Security Operations Solution Suite include Microsoft Azure Sentinel, Microsoft Threat & Vulnerability Management, Microsoft Teams, and Microsoft SharePoint. These integrations will help security operations teams make smarter decisions across security planning, management, and incident response."
- 9. Double Bullseye for SentinelOne in Recent Prestigious Global Accolades "SentinelOne’s endpoint security solutions came out on top among endpoint vendors in the latest ATT&CK Evaluation performed by MITRE Engenuity. Having recently released its results from the 2020 evaluation, SentinelOne was proud to report that it was the only vendor to achieve complete visibility, with zero missed detections, across both Windows and Linux environments. In addition, SentinelOne was also proud to announce that it has recently been positioned by Gartner as a Leader in the 2021 Magic Quadrant for Endpoint Protection Platforms. SentinelOne believes the placement is a testament to the company’s innovative Singularity XDR platform and scaled go-to-market execution in record time."
- 10. Rapid7: Reducing Risk With Identity Access Management (IAM) "DivvyCloud by Rapid7 contains an IAM Governance Module that essentially destroys and rebuilds an IAM policy stack by implementing a boundary view. When security teams are tasked with governing cloud environments at scale, this is when compliance might become a problem - without anyone realizing it. Even with what might be considered a sustainable boundary view, that perimeter will likely be more fluid than anyone can predict. DivvyCloud helps create a rational approach for managing that ever-changing identity-access perimeter."
- 11. Kemp Launches Zero Trust Architecture to Simplify Secure Application Access "Kemp, the always-on application experience (AX) company, today announces the launch of its Zero Trust Access Gateway (ZTAG) architecture to simplify the introduction of a zero-trust model for securing published workloads and services. The Kemp ZTAG solution is comprised of a suite of proxy, authentication, access logic, and automation capabilities that helps customers apply zero trust logic to load balanced web-based applications."
- 12. AWS launches containerized web application solution App Runner – SD Times "AWS App Runner is designed to help developers easily and rapidly develop, deploy and run containerized web applications and APIs by handling all the operational aspects such as provisioning, scaling and managing container orchestration, load balancing and CI/CD pipelines"