Black Hat USA 2022: DNSFilter, NetWitness, BlackBerry, CrowdStrike, More
The event marks the 25th Black Hat USA.
![Black Hat logo Black Hat logo](https://eu-images.contentstack.com/v3/assets/blt10e444bce2d36aa8/bltcb7cb6df1b50218d/65241cadf0a1767f1eb19a42/Black-Hat-logo.jpg?width=700&auto=webp&quality=80&disable=upscale)
The acquisition of Guardian enables DNSFilter to enter the SWG category of secure access service edge (SASE), bringing an expanded security solution to a “stagnant” market, DNSFilter’s Ken Carnesi said.
“This opens up new markets for DNSFilter to provide a broader solution that many enterprises are looking to converge on in the coming years,” he said.
Will Strafach is Guardian‘s founder and CEO.
“We are thrilled to join DNSFilter, the category leader in DNS layer security and a like-minded team that shares our beliefs on privacy and delivering quality software to protect devices,” he said. “Guardian and DNSFilter place a high priority on in-house security research to best protect our customers and remain steadfast in our mission to allow users to take back control of the personal data and information they share while using any device. Guardian solutions are a perfect complement to DNSFilter as the company broadens its platform offerings.”
Also at Black Hat …
NetWitness, an RSA Group business and provider of cybersecurity technologies and incident response services, has hired Ken Naumann as its new CEO.
Naumann joins NetWitness from AccessData, a provider of digital forensic investigation technology. There, he led the company’s growth as CEO. AccessData was acquired by Exterro.
Over his 25-year career, Naumann has served as CEO of a mix of public, private-equity, and venture-backed companies, mainly focused on social media compliance and information security. He has also held executive leadership positions at Guidance Software, now part of OpenText, and BindView, which was later acquired by Symantec.
“NetWitness has served the global infosec community for decades, reaching large complex enterprises and government agencies,” Naumann said. “The company’s focus has been to strengthen network, endpoint and log analytics in any computing environment. I’m excited to be part of this journey and innovating our solutions to become more intelligent, automated and accessible in the cloud.”
Naumann’s appointment coincides with the launch of NetWitness Platform XDR 12, an extended detection and response solution.
BlackBerry and Corvus Insurance released the BlackBerry Cyber Insurance Coverage study. It shows businesses are increasingly concerned about how they will meet ransomware demands.
BlackBerry commissioned Team Lewis Research to run an online survey of 450 business decision makers for IT/security solutions in the United States and Canada.
Key findings include:
Only 19% of those surveyed have ransomware coverage limits above $600,000, while more than half hoped the government would cover damages when future attacks are linked to other nation-states.
SMBs, which have become a favorite criminal target, are especially feeling the heat. Of businesses with under 1,500 employees, only 14% have a coverage limit in excess of $600,000. A recent Forrester report estimated that a typical data breach would cost the average organization $2.4 million to investigate and recover. Unsurprisingly, 50% of SMB respondents hoped the government would increase financial aid in all ransomware incidents.
Many businesses reported cybersecurity coverages that are poorly tailored to their current situation. Over one-third aren’t currently covered for any ransomware payment demands, while 43% aren’t covered for auxiliary costs such as court fees or employee downtime.
At the same time, cyber insurance has become harder to get, due to increased software requirements placed by insurance brokers. Over one-third of respondents have been denied coverage due to not meeting specific endpoint detection and response (EDR) software requirements. These increased requirements may be having a real impact on reducing ransom payouts.
Shishir Singh is executive vice president and CTO of cybersecurity at BlackBerry.
“Not only are there more ransomware threats than ever, but the criminals are more ruthless,” he said. “They will iterate threats and wait patiently in order to extract maximum damage. For uninsured and underinsured organizations, this potentially puts them in extreme jeopardy. The cyber underground is increasingly sharing learnings and partnering to make threats as efficient as possible. It’s vital businesses strengthen their security posture against these threats by supplementing insurance with a prevention-first software approach that lowers their overall risk.”
CrowdStrike introduced its artificial intelligence (AI)-powered Indicators of Attack (IoAs), new innovations for fileless attack prevention and enhanced visibility for stealthy cloud intrusions.
Delivered on the CrowdStrike Falcon platform and powered by the CrowdStrike Security Cloud, these new detection and response capabilities stop emerging attack techniques and enable organizations to optimize the threat detection and response life cycle.
CrowdStrike says it invented IoAs more than a decade ago. It brought a new approach to stopping breaches based on real adversary behavior, irrespective of the malware or exploit used in an attack. Now, CrowdStrike is leveraging AI techniques to create new IoAs at machine speed and scale.
Amol Kulkarni is chief product and engineering officer at CrowdStrike.
“CrowdStrike leads the way in stopping the most sophisticated attacks with our industry-leading IoA capability, which revolutionized how security teams prevent threats based on adversary behavior, not easily changed indicators,” he said. “Now, we are changing the game again with the addition of AI-powered IoAs, which enable organizations to harness the power of the CrowdStrike Security Cloud to examine adversary behavior at machine speed and scale to stop breaches in the most effective way possible.”
SimSpace, a cybersecurity risk management platform provider, has launched its global SimSpace Partner Network. It aims to five channel resellers, service providers and technology alliance partners the toolset they need to accelerate sales and capitalize on new revenue opportunities.
The partner program is designed to foster collaboration and enable partners globally to leverage the full value of the SimSpace Cyber Range platform to best serve their customers and drive more business wins. The program gives partners access to a variety of technologies and vendors, including breach and attack simulation, training institutes, threat intelligence and incident response, endpoint and network security providers, security information and event management (SIEM) vendors and security orchestration, and automation and response (SOAR) solutions.
Organizations including Mandiant, Cymulate, CyCognito, Adeo and IDNet are already part of the program.
Mike Heumann is SimSpace’s CRO.
“Partners are critical to our growth and goal to create the most comprehensive cybersecurity ecosystem for assessing and building confidence in security talent and technology,” he said. “Our program not only drives market opportunities for our partners, and helps them accelerate sales and capitalize on new revenue stream opportunities, it helps to secure organizations worldwide against the growing global threat landscape.”
SimSpace said the new program supports all partner efforts to serve their customers and differentiate themselves in a competitive market.
SimSpace, a cybersecurity risk management platform provider, has launched its global SimSpace Partner Network. It aims to five channel resellers, service providers and technology alliance partners the toolset they need to accelerate sales and capitalize on new revenue opportunities.
The partner program is designed to foster collaboration and enable partners globally to leverage the full value of the SimSpace Cyber Range platform to best serve their customers and drive more business wins. The program gives partners access to a variety of technologies and vendors, including breach and attack simulation, training institutes, threat intelligence and incident response, endpoint and network security providers, security information and event management (SIEM) vendors and security orchestration, and automation and response (SOAR) solutions.
Organizations including Mandiant, Cymulate, CyCognito, Adeo and IDNet are already part of the program.
Mike Heumann is SimSpace’s CRO.
“Partners are critical to our growth and goal to create the most comprehensive cybersecurity ecosystem for assessing and building confidence in security talent and technology,” he said. “Our program not only drives market opportunities for our partners, and helps them accelerate sales and capitalize on new revenue stream opportunities, it helps to secure organizations worldwide against the growing global threat landscape.”
SimSpace said the new program supports all partner efforts to serve their customers and differentiate themselves in a competitive market.
BLACK HAT USA — Black Hat USA 2022 kicked off Wednesday in Las Vegas with a flurry of news and research from DNSFilter, NetWitness, BlackBerry, CrowdStrike and more.
The event marks the 25th year for Black Hat USA. Chris Krebs, the first director of the Cybersecurity and Infrastructure Security Agency (CISA), will give the opening keynote.
DNSFilter announced its acquisition of Guardian, a firewall and VPN technology platform. The acquisition allows DNSFilter to provide a secure web gateway (SWG) that protects user information and secures organizations against web-based threats.
More than 2,500 MSPs globally use DNSFilter’s artificial intelligence (AI)-powered DNS threat protection and content filtering.
Ken Carnesi is DNSFilter’s CEO and co-founder.
DNSFilter’s Ken Carnesi
“Our partners will benefit from the increased security capabilities (e.g. URL filtering) that will come with this acquisition,” he said. “In addition, they will also have additional value-added products (e.g. the Guardian App which includes VPN capabilities).”
Bringing the DNSFilter and Guardian teams together creates a “unique security and privacy advantage with some of the top thought leaders,” Carnesi said.
“We already have a very large team dedicated to researching DNS-based threats,” he said “This acquisition will broaden our team’s scope of knowledge with security experts from other disciplines.
Scroll through our slideshow above for more from DNSFilter, and more news and research at Black Hat USA 2022.
(Informa Tech is the parent company of both Channel Futures and Black Hat USA.)
Want to contact the author directly about this story? Have ideas for a follow-up article? Email Edward Gately or connect with him on LinkedIn. |
About the Author(s)
You May Also Like