Search the Community
Showing results for tags 'company'.
-
Security intelligence and analytics solutions provider Endgame, Inc. on Tuesday announced the launch of its enterprise endpoint detection and response platform, Endgame Enterprise. Endgame, which historically has focused on providing solutions to the U.S. government, including tools and zero-day exploits used for offensive purposes, said in 2014 that it would shift its focus to sell its platform to enterprise customers. According to the Arlington, Virginia-based company, its enterprise solution, which focuses on protecting critical infrastructure, “thinks like the adversary” and helps customers to detect and respond to unknown cyber threats. Endgame LogoUsing threat detection algorithms and attack-chain analysis designed to discover zero-day and advanced threats without the use of signatures, the company says that its new host-based software solution is able to detect suspicious behavior and help enterprise security teams accelerate investigation, containment and remediation. “Endgame Enterprise captures and analyzes the details of an attack, giving incident responders rich attack-path intelligence and insight into the consequences of cyber threats,” the company explained. “Our research on advanced threats, vulnerabilities and attack patterns, and our history protecting some of the nation’s most sensitive national security assets, allows us to understand defenses from the adversary’s perspective,” said Endgame CEO Nate Fick. “Endgame Enterprise empowers existing security teams to accelerate the investigation and remediation of threats that would otherwise go undetected.” Founded in 2008, Endgame currently has over 100 employees and has offices in Washington, DC, San Francisco, CA, San Antonio, TX and Melbourne, FL. In Nov. 2014, the company announced that it had raised $30 million in a Series C equity funding round, bringing the total amount raised by the firm to $90 million. Sursa: securityweek.com
-
When a company is breached, the typical reaction is to increase security across the board. But Twitch, the Amazon-owned game streaming company, has decided to reduce the minimum number of characters in user passwords, thereby allowing users to have less secure logins, in response to customer complaints. The attack was announced yesterday on a company blog, whilst emails were also sent to concerned users. There’s little detail on the extent of the attack; Twitch simply said all user passwords were to be reset after it detected possible unauthorized access to some Twitch user account information. According to the email sent to users, some cryptographic protections were used on passwords, but it wasn’t clear how strong they were. And it said it was possible passwords could have been captured in plain text by malicious code when users logged into the site on 3 March. Various kinds of data could have been compromised, including credit card information, in particular card type, a truncated card number and the expiration date. Usernames and associated email addresses, passwords, the last IP address users logged in from, phone number, address and date of birth were also potentially stolen. With all that information, a hacker would have a good chance of stealing a victim’s identity. Users started to complain en masse across Twitch’s social networks, however. Some said they couldn’t remember their password, others said when they tried to change their passwords to anything less than 20 characters they weren’t allowed, due to the site’s restrictions. Texan Twitch customer Corbin Ellis told the company on their Facebook page that “if users want to use bad passwords, that’s their problem, not yours”. Twitch caved to customer demands, announcing it would reduce the limit on minimum password length to eight characters minimum. Web security expert Troy Hunt told FORBES more than eight was surprisingly restrictive. “But what’s disheartening about this is that users have apparently baulked at creating passwords longer than eight characters so are clearly not getting the message on what constitutes a strong ‘secret’.” Authentication expert Per Thorsheim said it didn’t make sense to lower the length requirement after a breach. “I’d say on the contrary in many cases. In this specific case they have dramatically lowered their requirements. From a security perspective this could be justified by new and better ways of sending, [encrypting] and storing your passwords.” If any more evidence was needed that the username-password paradigm is a flawed form of authentication, the Twitch breach has provided. sursa: Amazon's Twitch Hacked, Caves To Angry User Demands For Less Secure Passwords - Forbes si-au cam luat la mumu twitch...
- 2 replies
-
- chain
- characters
- (and 6 more)
-
UK-based Darktrace, a cyber security startup that leverages machine learning and mathematics to detect threats, announced this week that it has raised $18 million i funding. Founded in 2013 by senior members of the UK' GCHQ and other intelligence agencies, DarkTrace is headquartered in Cambridge, UK with offices in London, Milan, New York, Paris, San Francisco, Singapore and Washington D.C. The funding came from investors including Invoke Capital, Talis Capital, Hoxton Ventures and private individuals, with the latest funding round valuing the company at $80 million. Darktrace LogoThe company said that its “Enterprise Immune System” technology detects previously unknown threats using machine learning and mathematics developed at the University of Cambridge. In more detail, the explains on its website that the Darktrace platform “models patterns of life for each user and machine” to detect normal and abnormal behaviors as they emerge, without already knowing what it is looking for, and calculate the probability of threat based on the detection of behavioral anomalies. In addition to the funding, the company announced that it has opened an Asia Pacific office in Singapore. Sanjay Aurora, who has more than 25 years' experience leading enterprise software firms, will oversee the expansion process in the Asia Pacific region, Darktrace said. Aurora is joined by John Muser, formerly of IBM Security, heading up Australia and New Zealand, and Stanley Hsu, formerly of McAfee. "Darktrace is growing at a phenomenal rate. It has been barely a year since we deployed to our first customer and now we have deployments at 75 companies and relationships with 50 partners across America, UK, continental Europe and theMiddle East," said Darktrace CEO Nicole Eagan. "Our headcount has tripled over the past year and expansion into Asia is a natural next step." British telecommunications services giant BT announced this month that it was integrating Darktrace's platform, which will be added to BT's security portfolio and be available as both part of an integrated cyber security offering or as a point solution within BT's Assure portfolio of managed security services. BT also said that it would integrate Darktrace into its own enterprise security defenses to protect internal assets. Sursa: securityweek.com