Showing posts with label Security.

Thursday, February 15, 2018

Oracle acquires Zenedge for cloud-based network security

Oracle agreed to acquire Zenedge, which helps enterprises secure their IT systems whether deployed in cloud, on-premise or hybrid hosting environments. Financial terms were not disclosed.

Zenedge, which is based in El Segundo, California, offers Web Application Firewall (WAF) and Distributed Denial of Service (DDoS) mitigation products. The company said its products help defend over 800,000 web properties and networks globally.

Oracle said the Zenedge acquisition will help expand its Cloud Infrastructure and Domain Name System (DNS) capabilities, adding innovative application and network protection that augments existing Oracle security services and partnerships.

"Customers demand enterprise-grade infrastructure to run their critical business systems in the cloud," said Don Johnson, Senior Vice President of Product Development, Oracle. "Oracle Cloud Infrastructure as a Service delivers leading cloud services to address those needs. The combination with Zenedge equips Oracle Cloud Infrastructure with integrated, next-generation network and infrastructure security, to address modern security threats."

"Customers achieve tremendous results with Zenedge's innovative WAF and DDoS mitigation products, from a 99% reduction in illicit website traffic to a 99.75% improvement in page load times," said Yuri Frayman, CEO of Zenedge. "We could not be more enthusiastic about joining forces with the leader in enterprise-grade cloud infrastructure, and delivering similar results to even more customers at scale."

Wednesday, January 24, 2018

Cisco to acquire Skyport for ultra secure servers

Cisco announced its intent to acquire Skyport Systems, Inc., a start-up based in Mountain View, California, that offers "hyper-secured" servers for delivering trusted computing and policy enforcement at the application edge. Financial terms were not disclosed.

Skyport's SkySecure converged system brings together zero trust compute, virtualization and a full stack of security technologies. It logs all traffic at a forensically auditable level, enabling users to see where traffic originates, where it is headed, whether it was allowed or not, what policy allowed or blocked it, and when and who put that policy into action. Remote management capability allows users to secure branch infrastructure without firewalls, proxies, MPLS or other security measures.

The Skyport Systems team will join Cisco's Data Center – Computing Systems Product Group, which is led by Senior Vice President and General Manager Liz Centoni, and the Service Provider – Networking Group, led by Senior Vice President and General Manager Jonathan Davidson.

Investors in Skyport included GV (formerly known as Google Ventures), Cisco Investments, Thomvest Ventures, Northgate Capital, InstantScale, Index Ventures, Sutter Hill Ventures and Intel Capital. The company raised at least $67 million in funding over several rounds.

In June 2016, Skyport announced interoperability between its SkySecure platform and Cisco’s Application Centric Infrastructure (ACI) solution. The goal is to provide application-layer and system-level security and policy controls needed to extend the trust boundary from a system-level root-of-trust to the network edge. Skyport said its interoperability with Cisco ACI also mobilizes security policies, enabling them to follow workloads throughout their lifecycles, and lets users deploy and maintain secure administrative workstations, jump hosts and multi-zone DMZ architectures as an integral part of an overall security framework.


  

Tigera raises $10 million for secure app connectivity

Tigera, a start-up based in San Francisco, announced $10 million in new funding for its secure application connectivity for the cloud-native world.

Tigera is an open core enterprise software company delivering solutions for secure application connectivity.

Its newly launched enterprise solution, CNX, secures application connectivity using a proprietary ZT-Auth technology, which enables the enterprise to adopt a Zero Trust approach to application connectivity.

Tigera said it has been selected by each of the big four public cloud providers as the network policy provider for their managed Kubernetes offerings. Tigera’s software is integrated into AWS Elastic Container Service for Kubernetes, Microsoft Azure Container Service, Google Container Engine and IBM Cloud Container Service.

Monday, January 22, 2018

A10 debuts hybrid DDoS protection - on-prem + cloud overflow scrubbing

A10 Networks has launched a new hybrid DDoS protection solution for enterprises that combines its Thunder 1040 TPS appliance with cloud capabilities powered by Verisign.

By integrating the new A10 DDoS Protection Cloud, powered by Verisign, with its Thunder 1040 TPS appliance, A10 said it is able to deliver full-spectrum enterprise protection to detect and mitigate distributed denial of service (DDoS) attacks.

The on-prem Thunder TPS appliance employs machine learning, traffic profiling and intelligent policy escalation in order to provide frontline defenses against all manner of DDoS attacks, including network-based, application layer, slow and low attacks. If a volumetric DDoS attack is detected that exceeds the bandwidth of the organization, the appliance will alert A10 so that traffic can be diverted to the Verisign cloud-based DDoS Protection service for scrubbing before delivery. Enterprises only pay for legitimate traffic and not for the amount of traffic that attacks apply against their network.

“A10 now provides a single advanced solution for on-premise and cloud scrubbing enterprise DDoS defenses, backed by our DDoS SIRT team,” said Raj Jalan, CTO, A10 Networks. “The surgical precision and hybrid, full spectrum approach of the A10 DDoS solution ensures enterprises are resilient to advanced DDoS attacks in the most effective and economical manner possible.”

“DDoS attacks are unpredictable and increasing in complexity. Eighty-eight percent of DDoS attacks mitigated by Verisign in Q3 2017 employed multiple attack types,” said Michael Kaczmarek, VP of Product and Marketing, Verisign Security Services. “Many enterprises need smart, scalable hybrid DDoS defenses to efficiently tailor mitigation strategies to combat the changes in the DDoS landscape like those offered by the A10 DDoS Protection Cloud and A10 Thunder TPS.”

Wednesday, January 17, 2018

Tel Aviv-based VDOO raises $13M for IoT security

VDOO, a cybersecurity start-up based in Tel Aviv, Israel, raised $13 million in initial funding for its efforts to create an end-to-end platform for the automated analysis and certification of security on connected devices.

VDOO said its solution performs a security gap analysis on IoT devices, against the specific security requirements for each device type, and provides a detailed recommended plan of action to fill security gaps. Once security features have been implemented, VDOO validates that security requirements have been met and provides physical and digital certifications. The on-device digital certification agent monitors the security state of the device and communicates it to other systems such as gateways, firewalls, and edge solutions, which provides post-deployment security by ensuring the device is not being compromised.

VDOO was founded by Netanel Davidi and Uri Alter, both of whom previously founded Cyvera, a company that developed endpoint security solutions and was acquired by Palo Alto Networks in 2014. A third founder of VDOO is Asaf Karas, who brings 2 decades of cyber experience with the IDF.

The venture round was led by 83North (formerly Greylock IL) and included participation by Dell Technology Capital and other strategic individual investors, including David Strohm, Joe Tucci, and Victor Tsao.

Wednesday, January 10, 2018

Arctic Wolf raises $16M for Cyber Security Ops Center service

Arctic Wolf Networks, a start-up based in Sunnyvale, California with offices in Ontario, Canada, raised $16 million in new funding for its security operations center (SOC)-as-a-service.

The Arctic Wolf service provides a cloud-based security incident and event management (SIEM) application combined with a team of expert security engineers committed to the client's operational requirements.

"Security operations centers are an essential element of modern cybersecurity, and every company needs one,” said Brian NeSmith, CEO and co-founder of Arctic Wolf. “We are transforming how companies look at cybersecurity from a product-centric view to one focused on proactive detection and response. The new funding allows us to invest in key areas of the business and maintain our extraordinary growth trajectory.”

The new funding was led by Sonae Investment Management with participation from Lightspeed Venture Partners, Redpoint Ventures and Knollwood Investment Advisory.

  • Arctic Wolf is headed by Brian NeSmith, who previously was CEO of Blue Coat Systems. Before that, he was the CEO of Ipsilon Networks (acquired by Nokia). 

Thursday, January 4, 2018

Barracuda acquires PhishLine for security awareness

Barracuda Networks has acquired PhishLine, a start-up offering a SaaS platform for social engineering simulation and training that delivers security awareness for better phishing protection. Financial terms were not disclosed.

PhishLine, which is headquartered in Milwaukee, Wisconsin, offers data analytics and reporting to allow customers to measure and report on risks at macro and micro levels across the human and process layers. The company has three issued and eight pending patents for its SaaS platform, which includes multivariable attack simulations across email, text message, voice, and USB/mobile media; best-in-class data capture, analytics and reporting; and continual, complex analysis of employee performance. PhishLine was launched in 2011.

With this transaction, Barracuda said it now delivers gateway security, data protection, AI-based targeted threat protection, and user awareness training for comprehensive protection against email-borne threats.

"Security awareness training is an important and quickly evolving area, particularly with increasingly targeted attacks making the human element a critical link in the security value chain," said BJ Jenkins, president and CEO at Barracuda. "PhishLine has a culture of developing innovative email protection solutions, including social engineering and data analysis offerings. Combining the power of the Barracuda security technologies with PhishLine's capabilities gives us the opportunity to deliver integrated, adaptive security training aimed at preventing email security threats."

Monday, December 11, 2017

Menlo Security raises $40M for cloud-based threat isolation

Menlo Security, which offers a cloud-based isolation platform that prevents web-based malware from infecting local machines by running the browser in a cloud-based container, raised $40 million in Series C funding.

Menlo Security describes its Isolation Platform as a digital partition, isolating and executing all web content, email links and documents in the cloud, then streaming a malware-free version of the content to employees’ computers via a patented Adaptive Clientless Rendering (ACR) technology.

New investors in the round include American Express Ventures, Ericsson Ventures, and HSBC. Existing investors include JPMorgan Chase, General Catalyst, Sutter Hill Ventures, Osage University Partners and Engineering Capital. This brings total investment in Menlo Security to $85 million.

“More than a million users at hundreds of companies are protected by Menlo, with zero infections to date,” said Amir Ben Efraim, CEO of Menlo Security. “This has given the market tremendous confidence in our solution. Customers are demanding more durable approaches to malware prevention versus a long legacy of solutions that remain perennially vulnerable to the latest attacks. This funding allows us to respond to this opportunity by continuing to expand our deployments globally to meet this growing demand while delivering on our vision of eliminating the phishing, ransomware and malware risks from email, web and document downloads.”

Sunday, December 3, 2017

Bitdefender attracts 30% investor at $600m valuation

Vitruvian Partners, an independent European private equity firm, has acquired an approximate 30% minority stake in Bitdefender Holding B.V.

Bitdefender, which employs 1,300 staff across nine offices, said its software is protecting 500 million users in over 150 countries. More than 40% of sales are currently generated in the U.S. Bitdefender is based in Bucharest, Romania.

Following the acquisition, Vitruvian becomes the second-largest shareholder with co-founders Mariuca and Florin Talpes continuing to hold the majority stake. A group of private investors hold a minority stake in the company.

Monday, November 27, 2017

Thoma Bravo to privatize Barracuda Networks for $1.6B

Thoma Bravo, a leading private equity firm, will acquire all shares of Barracuda Networks (NYSE: CUDA) in an all-cash transaction valued at $1.6 billion. Barracuda shareholders will receive $27.55 in cash for each share of Barracuda common stock they hold. The price represents a premium of 22.5 percent to the company's 10-day average stock price prior to Nov. 27, 2017, of $22.49.

Barracuda supplies appliance and cloud-enabled solutions for data protection.

"We believe the proposed transaction offers an opportunity for us to accelerate our growth with our industry-leading security platform that's purpose-built for highly distributed, diverse cloud and hybrid environments. We will continue Barracuda's tradition of delivering easy-to-use, full-featured solutions that can be deployed in the way that makes sense for our customers," said BJ Jenkins, chief executive officer of Barracuda. "Thoma Bravo has an excellent history of investing in growing security businesses, and this transaction speaks to the value and strength of Barracuda's security platform, which helps customers protect and manage their networks, applications, and data. I expect that our employees, customers, and partners will benefit from this partnership."

"Barracuda is a proven industry leader, consistently bringing powerful, comprehensive solutions to customers in an increasingly prevalent, hostile, and complex threat environment," said Seth Boro, a managing partner at Thoma Bravo. "We believe that Barracuda is at the forefront of innovation in several highly strategic areas of the cybersecurity market and are excited to be the company's partner in the next phase of its growth."

Thoma Bravo to Acquire Majority Stake in DigiCert


Thoma Bravo, a leading private equity investment firm, agreed to acquire a majority interest in DigiCert from TA Associates, another private equity firm currently holding the majority share. Financial terms were not disclosed. DigiCert is a global SSL Certificate Authority (CA) and the leading provider of trusted certificate management solutions.  The company provides its digital certificates to over 115,000 customers in more than 180 countries,...

Thoma Bravo Completes Acquisition of Riverbed


Thoma Bravo, a leading private equity investment firm, and Teachers’ Private Capital, the private investor department of Ontario Teachers’ Pension Plan, completed their previously announced acquisition of Riverbed Technology. The acquisition is valued at approximately $3.5 billion, with Riverbed stockholders receiving $21.00 per share in cash. “With this acquisition now complete, our team can begin to move forward with the strategic initiatives...

Blue Coat to be Acquired by Bain Capital from Thoma Bravo


Bain Capital, one of the world’s foremost private investment firms, will acquire Blue Coat Systems from Thoma Bravo for approximately $2.4 billion in cash. Blue Coat, which is based in Sunnyvale, California, provides on-premise, hybrid and cloud-based solutions for protecting web connectivity, combating advanced threats and responding to security breaches. Bain Capital indicated a possible return to the public market for Blue Coat. “We are excited...

McAfee to Acquire Skyhigh for CASB

McAfee agreed to acquire Skyhigh Networks, a start-up offering a cloud access security broker (CASB), for an undisclosed sum.

Skyhigh Networks, which is based in Campbell, California, provides its clients with visibility into content, context, and user activity across SaaS, PaaS and IaaS environments. Skyhigh Networks CEO Rajiv Gupta will join McAfee CEO Chris Young’s leadership team to run McAfee’s new cloud business unit.


“Skyhigh Networks had the foresight five years ago to realize that cybersecurity for cloud environments could not be an impediment to, or afterthought of, cloud adoption,” Young stated. “They pioneered an entirely new product category called cloud access security broker (CASB) that analysts describe as one of the fastest growing areas of information security investments of the last five years – where Skyhigh continues to innovate and lead. Skyhigh’s leadership in cloud security, combined with McAfee’s security portfolio strength, will set the company apart in helping organizations operate freely and securely to reach their full potential.”

“Becoming part of McAfee is the ideal next step in realizing Skyhigh Networks’ vision of not simply making the cloud secure, but making it the most secure environment for business,” Gupta said. “McAfee will provide global scale to further accelerate Skyhigh’s growth, with the combined company providing leading technologies and solutions across cloud and endpoint security – categories Skyhigh and McAfee respectively helped create, and the two architectural control points for enterprise security.”

Trend Micro acquires Immunio for hybrid cloud security

Trend Micro announced the acquisition of Montréal, Canada-based Immunio, a pioneer in real-time web application security (RASP), providing automatic detection and protection against application security vulnerabilities. Financial terms were not disclosed.

Immunio's mission is to make truly effective real-time web protection technology easily available and widely deployed, and by doing so, stop the biggest source of breached data records.

“We are excited to acquire Immunio’s application protection technology, their team of application security experts and their customers,” said Bill McGee, SVP and GM of Hybrid Cloud Security at Trend Micro. “Technology changes, like cloud computing and container platforms, are enabling faster application development. Immunio’s run-time application security allows our customers to increase protection against software vulnerabilities within the applications they are building.”

Trend Micro is also enhancing its container-specific security capabilities, by supporting container image scanning, which allows security issues to be identified and resolved prior to production release. Customers will be able to scan images in the container registry so that development teams can fix issues prior to deployment and apply run-time protection capabilities based on findings from the imaging.

Tuesday, November 7, 2017

Proofpoint acquires Cloudmark for $110 million

Proofpoint, a cybersecurity company based in Sunnyvale, California, agreed to acquire Cloudmark, which specializes in messaging security and threat intelligence for Internet Service Providers (ISPs) and mobile carriers worldwide. The price is $110 million in cash.

Cloudmark correlates email threat telemetry data into its Global Threat Network, including intelligence derived from malware campaigns and targeted attacks like spear phishing and business email compromise (BEC).

Proofpoint plans to integrate the Cloudmark Global Threat Network into its Nexus platform, which powers Proofpoint’s product effectiveness across the portfolio covering email, social media, mobile and SaaS products.

“We are excited to welcome Cloudmark’s ISP and mobile carrier customers to Proofpoint,” said Gary Steele, Chief Executive Officer of Proofpoint. “By combining the threat intelligence from Cloudmark with the Proofpoint Nexus platform, we can better protect all of our customers – both enterprises and ISPs – from today’s rapidly evolving threats.”

Wednesday, October 25, 2017

Skybox Security raises $150 million

Skybox Security, a privately-held company based in San Jose, California, raised $150 million in venture funding for its cybersecurity management software.

The Skybox Security Suite combines attack vector analytics and advanced threat intelligence to continuously analyze vulnerabilities in a customer's environment and correlate them with exploits in the wild. Skybox extends across complex networks, including those in physical, virtual, cloud and operational technology (OT) environments.

Skybox says it has a compound annual growth rate (CAGR) of 46 percent and positive cash flow (2014–2016).

The new funding includes $100 million from the CVC Capital Partners’ Growth Fund (CVC Growth) and $50 million from Pantheon.

Skybox was founded in 2002. The company is headed by Gidi Cohen.


Thursday, October 19, 2017

Intezer raises $8M for malware analysis

Intezer, a start-up based in San Francisco and Tel Aviv, Israel, announced $8 million in series A funding for its malware analysis and detection solution.

The funding round was led by Intel Capital with co-investors Magma and Samsung NEXT. This round will be used to expand the company's global sales efforts and open new opportunities in targeted markets.

Intezer said its approach to cyber security is to replicate the concepts of the biological immune system. The idea is to map and identify the DNA of every single piece of code within seconds. The company has demonstrated its effectiveness by detecting code similarities in the latest high-profile attacks such as WannaCry, Turla and NotPetya.

“Intezer has developed the most advanced technology for detecting code-reuse, effectively performing ‘DNA mapping’ for software. With this technology, we are able to identify every single piece of code running in the organization, enabling us to detect the most sophisticated cyber attacks and help security teams to respond immediately,” stated Itai Tevet, co-founder and CEO of Intezer.

Thursday, October 12, 2017

A10 scales up its DDoS protection

A10 Networks launched its most powerful DDoS protection to date with a solution that can manage 500,000 flows per second -- more than double the performance of the nearest competitive flow-based DDoS detection system, according to the company.


The A10 Thunder Threat Protection System (TPS) Detector is now available as a virtual machine on the A10 aGalaxy 5000 management appliance or on other TPS mitigation appliances. For the full solution, the Thunder TPS Detector can be integrated with A10’s TPS Mitigator and A10 aGalaxy TPS management.

A10 Thunder TPS solution leverages more than three dozen threat intelligence sources to block malicious traffic. It monitors performance and security baselines with 28 behavioral indicators.

According to a recent report commissioned by A10, large DDoS attacks greater than 50 Gbps have quadrupled over the past two years. The number of companies experiencing between 6 and 25 attacks per year has increased more than four times in that same time span. However, with the complete Thunder TPS solution, A10 is improving protection for companies looking to augment mitigation capacity, SecOps-friendly automation, and reduction of false positives.

“With the new Thunder TPS options and flexibility, A10 is helping service providers, cloud providers, gaming companies and enterprises combat aggressive DDoS attacks with greater intelligence and agility,” said Raj Jalan, CTO of A10 Networks. “We believe the intelligent automation, combined with the industry’s highest-performing combination of powerful detection, mitigation, and management, will increase SecOps efficiency and drive more effective defense for businesses.”

Saturday, October 7, 2017

FireEye updates its Cybersecurity Threat Detection

FireEye announced major new software releases and next-generation hardware to drive performance at scale and increase deployment flexibility. FireEye solutions updated with the new software and next-generation hardware include FireEye Network Security (NX), FireEye Email Security (EX), File Content Security (FX), Central Management (CM), and Malware Analysis (AX). The new releases include:


  • FireEye Network SmartVision is a new capability to address post-breach attacks and insider threats. It leverages a machine-learning framework to detect suspicious lateral threat movements (East-West traffic) and data exfiltration. This capability is designed to provide customers with greater detection and expanded visibility across their perimeter and now network core and servers.
  • FireEye Network (NX) deployments can now burst network traffic to FireEye’s MVX Smart Grid during periods of high-content scanning activity, to address overload and gaps in protection that might otherwise occur. Other new software capabilities include significant updates to alert handling, event change visualization, expanded logging, and overall usability improvements.
  • Fifth-generation FireEye hardware features the latest Intel processors, increased storage and port density. The four models are engineered to deliver throughput from 300 Mbps to 2500 Mbps, replacing existing fourth-generation models that are available until the end of October 2017.
  • FireEye File Content Security (FX) is a new virtual offering that extends FireEye protection further into hybrid IT environments.

Tuesday, October 3, 2017

Yahoo now believes all 3 billion user accounts hit by breach

Yahoo, which is now part of Verizon's Oath division, provided notice that all of its 3 billion user accounts were impacted by the 2013 data breach. Previously, Yahoo had disclosed that more than one billion of the approximately three billion accounts existing in 2013 had likely been affected. The company believes that the user account information that was stolen did not include passwords in clear text, payment card data, or bank account information.

Monday, October 2, 2017

Level 3 expands its network-based adaptive firewall service

Level 3 Communications is expanding its cloud-based, next-generation Adaptive Network Security footprint to Asia Pacific and Africa.

Level 3's Adaptive Network Security is a network-based firewall service that includes intrusion defense systems and intrusion protection systems, anti-malware sandboxing, data loss protection, URL and web content filtering, and application awareness and control. 

Customers can access the firewall service via a constellation of security gateways distributed across Asia Pacific, Europe, Middle East and Africa and North America. All of these gateways are connected via Level 3's global VPN backbone.

Level 3 said it currently monitors over 1.3 billion security events across 94 billion NetFlow sessions daily, in addition to activity by over 5,000 command and control servers (C2s) and malicious IPs, creating rules to detect and block attacks.

"While the threat landscape continues to evolve, enterprises are seeing the cost and complexity of security solutions continue to rise. Level 3's expansion of Adaptive Network Security marks the next step in delivering adaptive networking solutions to break the hardware dependency cycle and reduce the administrative burden of trying to stay ahead of bad actors. Global businesses can leverage Adaptive Network Security for the latest security technology to keep their networks and workforces secure while they focus on what matters most to their business," stated Chris Richter, SVP of Global Managed Security Services for Level 3.

Wednesday, September 20, 2017

Aruba builds analytics-driven security framework for multivendor networks

Aruba, the wireless networking division of Hewlett Packard Enterprise, is launching an analytics-driven attack detection and response framework to bolster enterprise security from the edge, to the core, to the cloud for multivendor networks.

Aruba 360 Secure Fabric is a security framework that builds on User and Entity Behavioral Analytics (UEBA) to detect and respond to advanced cyberattacks from pre-authorization to post-authorization across multivendor networks, not just its own wireless LAN gear. Aruba already offers an IntroSpect UEBA product line that leverages machine learning security to detect anomalous user and traffic patterns across multiple data sources. Aruba IntroSpect can ingest common data sources including Microsoft Active Directory or other LDAP authentication records and identity information, and firewall logs from sources such as Checkpoint, Palo Alto Networks, or Aruba monitoring (AMON) logs from Aruba infrastructure.

Key components of the Aruba 360 Secure Fabric include:

  • Aruba IntroSpect UEBA solution: A new network-agnostic family of continuous monitoring and advanced attack detection software. Includes a new entry-level edition and uses machine learning to detect changes in user and device behavior that can indicate attacks that have evaded traditional security defenses. Machine-learning algorithms generate a Risk Score based on the severity of an attack to speed up incident investigations for security teams.
  • Aruba ClearPass: A network access control (NAC) and policy management security solution that can profile BYOD and IoT users and devices, enabling automated attack response, is now integrated with Aruba IntroSpect. ClearPass can also be deployed on any vendor’s network.
  • Aruba Secure Core: Essential security capabilities embedded in the foundation across all of Aruba’s Wi-Fi access points, wireless controllers, and switches, including the recently introduced Aruba 8400 campus core and aggregation switch.

Aruba said its new framework delivers better and complementary attack detection with leading third-party security solutions. An emphasis is placed on rapid response for breach investigations based on forensic traffic analysis.
