Rapid7 Acquires Intsights, Intezer Refines Malware Analysis, & Funding News – ESW #235

In the Enterprise News, SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab, Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks, Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection, Microsoft puts PCs in the cloud with Windows 365, some funding and acquisition updates from Sysdig, AttackIQ, Stytch, SentinelOne, & more!


Announcements

  • Security Weekly Unlocked will be held IN PERSON this December 5-8 at the Hilton Lake Buena Vista! Our Call For Presentations Deadline has been extended through July 23rd at 11:59 pm ET! Visit securityweekly.com/unlocked to submit your presentation!

Hosts

Paul Asadoorian
Founder at Security Weekly
  1. SafeBreach adds support for new advanced attacks to the Microsoft Defender for Endpoint evaluation lab - "With the addition of the two new attacks, SafeBreach allows security teams to validate their endpoint solutions against the following advanced attacks: Carbanak+FIN7 – attacks for local host infection and malicious behavior, Solorigate – attacks for SolarWinds Orion Platform compromise using SunBurst malware, APT29 (CozyBear) – attacks for local host infection and malicious behavior, Credential threat – techniques such as dumping passwords and authentication tokens, OS configuration changes – modifying the operating system configuration to enable malicious activity, Code execution – techniques to verify whether it is possible to enable malicious activity, Ransomware infection – known attacks including WannaCry, JAFF, Locky, NotPetya, and others"
  2. Stellar Cyber XDR Kill Chain allows security analyst teams to disrupt cyberattacks - "Stellar Cyber has incorporated its XDR Kill Chain into the new version 4.0 of its Open XDR platform. It is the first platform on the market to integrate a kill chain that is purpose-built for XDR, increasing the ability of security analyst teams to spot quickly both internal and external attacks as well as full attack progressions. The new version enables both enterprises and MSPs/MSSPs/MDRs to make powerful new advancements in security team efficiency and boost the effectiveness of cybersecurity protection, detection and response."
  3. SentinelOne raises over $1 billion in upsized U.S. IPO - "SentinelOne Inc, a cybersecurity firm backed by billionaire investor Daniel Loeb’s hedge fund Third Point, raised about $1.23 billion through an upsized U.S. initial public offering on Wednesday, giving it a valuation of roughly $8.87 billion."
  4. Intezer – Reimagining the Malware Analysis Experience - "Support for analyzing non-binary formats (e.g., Microsoft Office documents and PDF files), Sandboxing capabilities and behavior analysis, Automatic extraction of Indicators of Compromise (IoCs), Mapping capabilities to the MITRE ATT&CK® matrix using static code analysis, Improved UI and simplified reports, Plus much more coming on our roadmap soon, including URL scanning and analyzing phishing emails"
  5. Armis Secures 100% Visibility of all OT, ICS & IT Assets and Real-Time Detection Tactics in MITRE Engenuity ATT&CK® Evaluations for Industrial Control Systems (ICS) - "Armis provided 100% visibility of all IT & OT/ICS assets with real-time detection of all initial access and lateral movement. In addition, Armis achieved 100% coverage of all MITRE Engenuity ATT&CK Evaluations for ICS tactics."
  6. Bugcrowd Awarded U.S. Patents for Crowd-Enabled Vulnerability Detection - "U.S. Patent No. 10,972,494 and U.S. Patent No. 11,019,091 validate Bugcrowd’s unique ability to leverage and integrate the expertise of the Crowd with its platform, common service infrastructure, workflow orchestration, and cross-organizational analytics to secure innovation sooner."
  7. Rapid7 Acquires Threat Intelligence Firm Intsights for $335 Million - "Intsights seeks to be proactive -- to recognize and mitigate an attack before it occurs. It does this by crawling both the surface and dark web looking for indications that an attack is being planned by a hacker or criminal gang."
  8. Cybereason acquires Israeli cybersecurity firm Empow
  9. Riverbed Launches New Open-Forum Community to Serve NetOps, SecOps and IT Practitioners - "Riverbed announced today that it launched Riverbed Community, where customers, colleagues and peers come to connect to share their insights on visibility, performance and security of networks, applications and end users, and current issues affecting the IT industry, as well as shared experiences with Riverbed products and solutions."
Tyler Robinson
Director of Offensive Security & Research at Trimarc and Founder & CEO of Dark Element at Trimarc Security