news
New CrowdStrike report reveals more cyberattacks in the first half of 2020 than 2019
and precarious as eCrime and state-sponsored actors have opportunistically taken aim at industries unable to escape the chaos of COVID-19 , demonstrating clearly how cyberthreat activity is intrinsically linked to global economic and geo-political forces ,” said Jennifer Ayers , Vice President of OverWatch and Security Response . ybersecurity expert ,
C
CrowdStrike , has released its CrowdStrike Falcon OverWatch 2020 Threat Hunting Report , which reveals the company has stopped 41,000 potential intrusions in the first half of 2020 , compared to the 35,000 it saw in the whole of 2019 .
The report found that this significant increase is driven primarily by the continued acceleration of eCrime activity but has also been impacted by the effects of the pandemic , which presented an expanded attack surface as organisations rapidly adopted remote workforces and created opportunities for adversaries to exploit public fear through COVID-19 themed social engineering strategies .
“ Just like everything this year , the threat landscape has proven unpredictable
Ayers added : “ OverWatch threat hunting data demonstrates how adversaries are keenly attuned to their victim ’ s environment and ready to pivot to meet changing objectives or emerging opportunities . For this reason , organisations must implement a layered defence system that incorporates basic security hygiene , endpoint detection and response ( EDR ), expert threat hunting , strong passwords and employee education to properly defend their environments .”
SENTINELONE ANNOUNCES AUTOMATED APPLICATION CONTROL FOR CLOUD AND CONTAINER SECURITY
entinelOne , an autonomous
S endpoint protection company , has announced a new Automated Application Control Engine designed to secure cloud and containerised workloads without human intervention . The new automated engine automatically secures containers at runtime against known and unknown threats , eliminating the need to manually maintain allow-lists , preserving cloud and container workload ’ s immutable states while also defending against modern threats such as malware , cryptojacking and zero-days .
“ Organisations need cloud security solutions that can secure their cloud assets at the speed of business ,” said Guy Gertner , VP Product Management , SentinelOne . “ It is critical to defend cloud and container workloads , but any solution that impacts the flexibility , speed and agility of development defeats the whole purpose of going to the cloud . SentinelOne distinctly understands the need to secure the cloud without interference , and we are happy to deliver a cloud security solution that furthers our customers ’ IT and business objectives .”
One of the defining principles of cloudnative workloads is its self-contained architecture – it is built from immutable images containing everything the application needs to run . While security is a concern , any proposed security solution must not disturb the workload ’ s dynamic nature . Most container solutions today rely on creating allow-lists , white-listing everything that is cleared to run in the container and identifying anything else as a threat to be mitigated . However , these existing solutions are flawed : whether pre-deployment scanning or learning during runtime , today ’ s container security products either inhibit agility , require too much labour or miss legitimate threats . u www . intelligentciso . com | Issue 30
13