Cybersecurity Roundup: Splunk, SonicWall, Bugcrowd, Exabeam

Written by Edward Gately
October 24, 2019

Splunk is focused on mobility in cybersecurity.

… fewer, higher-value targets.

SonicWall’s Bill Conner

“We’ve also seen other macroeconomic factors have an impact on malware trends,” he said. “For example, with the fall in cryptocurrency prices in 2018, attackers attempted to keep cryptomalware profitable by making up for it in volume — [for example], infect larger devices. As cryptocurrency began to recover in 2019, we’ve seen the shift back to fewer, but more targeted attacks.”

On the other hand, as attackers continue to become more sophisticated, SonicWall has seen “tremendous increases” in other, newer types of attacks, such as encrypted threats, side-channel attacks, attacks over non-standard ports, evasion techniques and IoT-specific malware, Conner said.

“There is a tremendous opportunity for MSSPs and other cybersecurity providers,” he said. “Attackers have realized that there’s more to gain by targeting and infecting businesses, rather than consumers, as the likelihood of a business paying a ransom is higher. This has led to higher ransom demands and higher payouts. With that as a backdrop, there is a huge cybersecurity skills gap, felt hardest by SMBs who lack the resources to defend against such challenges. This is where MSSPs and other cybersecurity providers can step in to help close that gap.”

As attacks become more sophisticated and continue to evolve, it is critical for organizations to exercise basic hygiene, such as keeping their systems patched and their security products up to date, according to SonicWall.

Bugcrowd Unleashes Attack Surface Management

Bugcrowd‘s new Attack Surface Management (ASM) provides an assessment of an organization’s security posture by providing visibility and intelligence on its attack surface.

Bugcrowd said ASM is the first crowd-driven solution to reduce the unknown attack surface by matching the effort and scale of malicious attackers with attack-minded defenders. It identifies connected digital assets, prioritizes them based on real risk for attack, and migrates critical findings to new or existing crowdsourced testing programs like bug bounty or pen test programs for an added layer of targeted testing.

Casey Ellis, Bugcrowd‘s founder, chairman and CTO, tells us through the identification of additional testing surfaces and the prioritization of security remediation activities, ASM provides his company’s partners with more opportunities to engage with customers by identifying and generating upsell opportunities.

Bugcrowd’s Casey Ellis

“ASM is powerful in a VAR model in that it’s a simple solution to a compelling problem,” he said. “Organizations can only secure what they know is within their attack surface, and ASM helps reduce unknown attack surface by up to 98%. ASM is also a catalyst for additional upsell opportunities, whether for Bugcrowd or other products in a partner portfolio, as newly surfaced assets can lead to additional security effort and investment needed, based on uncovered risk.”