Vectra – Detect Account Takeovers (ATOs) for Microsoft 365
In response to COVID-19, and the influx of remote workers using Microsoft Office 365, Vectra is now offering their services for free through May 31, 2020, to detect account takeovers (ATOs) for Microsoft 365 accounts by identifying:
- Infiltration and elevation: Brute force, adding users and privileges to groups, staging malware, etc.
- Reconnaissance: accessing files in unusual ways; listing users, files, and shares
- Persistence and evasion: installing apps to keep access, changing policy and logging, turning off DLP, etc.
- Exfil and destruction: creating mail sinks, sharing and downloading files, etc.
Other free services include Cognito Detect for Office 365, which uses the power of AI and threat research to detect and prioritize in-progress attacks in real time. This SaaS-based program delivers daily reports, as well as the support of Vectra Consulting Analysts.
For more information, visit Vectra.com
Untangle – COVID-19 Resource Center
Untangle has launched a “COVID-19 resource center” for SMBs, organizations/institutions and individuals to help them continue to secure their network and their employees during this time as many transition outside of the office to working from home.
The resource center can be found here (https://www5.untangle.com/COVID-19) and includes:
- Reminders for Enabling Employees to Work From Home to Combat COVID-19
- CHECKLIST: Identifying Phishing Emails
- GUIDE: Best Practices for VPN Connectivity for Employees
- GUIDE: Preparing Your Home Network for eLearning
- GUIDE: Keep Students Safe While Homeschooling During the COVID-19 Crisis
For more information, visit Untangle.com
Thycotic – Free Cybersecurity for Dummies
Thycotic is offering free downloads of its Cybersecurity for Dummies, which delivers a fast, easy read that describes what everyone needs to know to defend themselves and their organizations against cyberattacks – including simple steps everyone can take to protect themselves at work and at home. It empowers employees to understand and recognize the most common cybersecurity threats they face in their daily work and personal lives, and covers topics including:
- Recognizing cybersecurity threats—even the newest ones
- Responding to a cyber-attack—quickly, effectively and appropriately
- The top 10 actions for protecting yourself from a cyberattack, at work and at home
This 24-page booklet explains in simple terms how cybercriminals target their victims, what employees can do to reduce their risk, and how they can personally make it much more difficult for attackers to steal passwords and gain unauthorized access to sensitive information.
A copy is available for download here: https://thycotic.com/resources/wileys-dummies-cybersecurity/
For more information, visit Thycotic.com
Viakoo - 100 Day Healthcare Initiative
Viakoo will provide healthcare organizations on the frontlines of fighting the COVID-19 pandemic use of Viakoo Video Assurance Service for 100 days to assist them in remotely detecting, diagnosing, and fixing physical security system issues.
Organizations must provide the following information:
- Name of person applying, title, and email
- Head of Physical Security name and email
- IT contact name and email
- Estimated number of cameras and/or doors
- Name of Security Integrator (if none leave blank)
Within 2 days of registering, Viakoo will coordinate with the healthcare organization and their security integrator to install Viakoo Video Assurance Service and provide training to the appropriate people. Viakoo will provide all normal support and updates to members of this program.
For more information, visit Viakoo.com
NETSCOUT - Real-Time Visibility and Analysis Of DDoS Attacks
NETSCOUT SYSTEMS, INC. announced the public availability of Cyber Threat Horizon, a free threat intelligence portal that offers network and security operators greater visibility into Distributed Denial of Service (DDoS) attacks in real-time.
Cyber Threat Horizon collects, analyzes, prioritizes, and disseminates data on past and emerging DDoS threats across the internet. This macro view gives users contextual awareness of the DDoS attacks that could impact their organization and allows them to gain unique insights into DDoS attack trends to provide the situational awareness they need to assess risk and prepare for cyberattacks.
Cyber Threat Horizon provides the context needed to understand the threat of DDoS attacks, how they form, evolve and target businesses. The portal visually displays data by DDoS attack source country, target country, attack size, duration, industry sector and attack type. The last three most significant DDoS threats scroll across the bottom of the threat map to alert users in real-time.
For more information, visit NETSCOUT.com
6. CrowdStrike - Cybersecurity & COVID-19 (Coronavirus) Resource Center
CrowdStrike is offering two free, limited-time programs to address the challenges of managed and unmanaged devices being used by newly remote workers:
- Burst Licensing Program: For corporate-owned devices, CrowdStrike is introducing a Burst Licensing promotion. This program is designed to help customers alleviate the concerns associated with licensing a surging number of new systems being deployed for use by remote workers. This program is particularly vital because these systems may only be needed for a short period of time.
- Falcon Prevent for Home Use: For employee-owned devices, CrowdStrike is introducing a new program: Falcon Prevent for Home Use. This home use program provides organizations with a low-cost option for securing employees’ home Windows devices, leveraging CrowdStrike’s cloud-native Falcon® platform and lightweight agent.
For more information, visit CrowdStrike.com
Cyber Risk Aware – Free Phishing Tests
Irish cybersecurity awareness training company Cyber Risk Aware announced that it would be providing free COVID-19 phishing tests for businesses. Companies are invited to run a phishing simulation in which up to 100 staff can learn how to avoid falling for COVID-19 lures.
Along with the free simulation, companies can download a checklist of Do’s and Don’ts designed to keep employees who are working remotely cyber-safe.
For more information, visit CyberRiskAware.com
Coveware and Emsisoft – Ransomware Help for Coronavirus Healthcare Providers
In partnership with Emsisoft, Coveware will be offering free help to critical care hospitals and other healthcare providers that are on the front lines of COVID-19 and have been impacted by ransomware.
The services offered will include:
- Technical analysis of the ransomware
- Development of a free decryption tool whenever possible
- As a last resort, ransom negotiation, transaction handling and recovery assistance
Their goal is to minimize patient care disruption by helping affected healthcare providers become operational as fast as possible. If you are a healthcare service provider that has experienced an attack, contact Coveware.
BSI – Risk Management and Business Continuity Standards
BSI, in its role as the UK National Standards Body, has made a suite of risk and business continuity standards publicly available to help British businesses navigate the challenges they face as a result of the Novel Coronavirus (COVID-19) pandemic.
The standards provide organizations with access to best practice guidance and the collective wisdom of experts on how to approach, manage and overcome some of the difficulties that thousands are facing up and down the country. The standards suite of information and guidance being made publicly available spans themes including security and resilience, supply chain continuity and crisis management.
BSI is also working with the Emergency Planning College (EPC) - part of the Cabinet Office Civil Contingencies Secretariat - to deliver best practices and expert guidance to the complimentary standards through a series of webinars, ensuring that organizations are able to learn from experts and implement the standards as easily as possible.
For more information, visit BSI.com
ISACA, a global organization for information governance, control, security and audit professionals, also has a variety of resources for security professionals during this time, including:
- A complimentary white paper, Business Continuity Management: Emerging Trends. ISACA will be issuing a new version of this soon as well.
- Throughout the year, ISACA provides free webinars that can help professionals gain additional knowledge and develop professionally. Here are some on the horizon that may be of particular interest now:
  - Good, Better, Best: Competitive IT Resume Styles: https://www.isaca.org/education/online-events/lms_w042220
  - Stopping Ransomware and Advanced Malware Threats: The Current Scope of these Threats and Tools to Shut Them Down: https://www.isaca.org/education/online-events/lms_w042120
- Those looking for extra listening or reading material can check out the free ISACA Podcast or the ISACA Now blog too, including these episodes and posts:
- A Career Center for those who are seeking new job opportunities, which has a job board and other resources.
- ISACA also continues to post relevant resources to ISACA’s Navigating COVID-19 webpage.
For more information, visit ISACA.org
Zello - First Responder Program
Zello, a push-to-talk voice messaging service that enables collaboration for workers and communities, announced that its enterprise-grade solution is now available at no cost to first responders, anywhere in the world. Through its Zello for First Responder program, U.S.-based first responders were previously able to use the professional version of Zello for free. The Zello app is already localized in 22 languages and the program benefits now extend to any first responder organization in the world.
In addition to the geographical coverage extension, the Zello for First Responder program now includes all enterprise-grade solutions, including location history for all users of the network, facilitated by Google Maps. Additional features include a searchable centralized archive of all communication and a new dispatch communication solution. Zello users can also send photos and messages to one another and to groups of up to 8,000 users, and can use it to share crucial information that, at times, can mean the difference between life and death.
For more information, visit Zello.com
Genetec - Access Control Feature
Genetec has released an access control feature to help organizations identify people who are at increased risk of being in contact with contaminants or contagious individuals during COVID-19.
The new reporting function for its Security Center Synergis™ (Synergis) access control system is designed to help organizations find all people who went through a door in close proximity to someone thought to be contagious. A report can quickly be generated to correlate access events by time window to identify people who are at increased risk of being in contact with contaminants or contagious individuals. This will allow enterprises to proactively advise individuals of their potential contamination and take the necessary hygienic precautions, as outlined by health and safety procedures and regulations.
The feature is available free of charge to any Genetec Security Center Synergis™ access control customers.
In addition, Genetec is offering its digital management system, Clearance, free of charge to any organization that needs to manage and distribute media and files from surveillance systems, body cameras, cellphone footage from bystanders and witnesses, and other sources without having to create or distribute physical copies.
For more information, visit Genetec.com
Darktrace – Cyber AI Solutions for Virtual Deployment
Darktrace, a cyber AI company, has announced that its cyber security products are now available virtually. Darktrace is also offering to virtually deploy its world-class AI software to new customers free of charge for a trial period, enabling enterprises to experience the value of the cyber defense technology within their own digital environments, including cloud and SaaS services, email systems and traditional corporate networks.
Remote workers are now being offered the ability to trial Darktrace Cyber AI in a ‘virtual proof of value’ of the following core solution areas:
- Darktrace’s flagship Enterprise Immune System, which learns the ‘pattern of life’ of your devices and organization, and detects novel, emerging threats.
- Darktrace Antigena, an Autonomous Response technology, which autonomously interrupts cyber-attacks in real time. Available virtually for both Antigena Email and Antigena Network modules.
For more information and to activate a virtual, 30-day trial, visit darktrace.com/virtual
InnerSpace – Locate Citizens and Track Emergency Responders
InnerSpace, a provider of a WiFi-based indoor location intelligence platform, announced its product capabilities to support all levels of government to analyze the patterns and movement in public spaces using existing WiFi networks. The platform is ideally suited to understand the movement of people inside public spaces and can support emergency response strategies, social distancing programs, and help Smart Cities implement effective security and public safety measures.
InnerSpace inFORCE was selected in a competitive process by the Department of Homeland Security for its ability to use WiFi to locate citizens and track emergency responders in an active shooter scenario. The same platform can be used in a wide variety of emergency situations such as the current COVID-19 pandemic. In addition to the company’s tracking capabilities, its analytics dashboard gives public safety offices an unprecedented view into how people leverage public spaces.
The information can be connected directly into emergency response communications systems, building management and security systems, or analyzed by InnerSpace to identify critical patterns and trends in people’s movements.
For more information, visit InnerSpace.com
15. Axonius - Free Security Evaluation for Healthcare Teams
Cybersecurity startup Axonius is offering free security evaluations for remote healthcare teams (with no strings attached). The tool allows CISOs at healthcare organizations to evaluate blind spots in their security posture and their asset management practices to identify risk during the pandemic. In addition, the security evaluation allows CISOs to correlate asset data from the tools they’re already using to understand the new normal as their workforce transitions to a largely remote one.
For more information, visit https://info.axonius.com/healthcare
16. MAZEBOLT - Proactively Secure VPN Services from DDoS Attacks
MazeBolt Technologies Ltd., an Israeli cybersecurity company that’s developed a proactive DDoS mitigation technology – the DDoS Radar – is offering a free validation of DDoS mitigation solutions aimed at helping secure remote employees from being cut off by DDoS attacks during COVID-19.
DDoS Radar technology powers a Proactive Mitigation Intelligence layer compatible with any existing DDoS mitigation solution (Cloud scrubbing, CDN, On Prem. CPE or hybrid solution). Proactive Mitigation Intelligence continuously identifies, prioritizes and reports DDoS vulnerabilities across the entire DDoS threat surface so DDoS mitigation policies can be remediated, revalidated and secured before DDoS attacks happen. MazeBolt’s VPN DDoS validation helps secure WFH by: (i) Proactively identifying DDoS vulnerabilities that could impact business continuity, (ii) Providing detailed vulnerability information so appropriate DDoS mitigation policy configurations can be fixed.
For more information, visit MAZEBOLT.com
17. BlackBerry - Assistance with Remote Working Programs
BlackBerry announced it will be offering businesses additional assistance in implementing their own remote working programs, at no cost, to help its current customers and other companies support their business continuity plans and remote working policies by enabling a secure, productive and connected environment for workers. This includes quick onboarding and enablement that can be delivered remotely with their services.
BlackBerry will be offering a range of its secure communication solutions for enterprises – free of charge for a 60-day period – in order to help manage and secure employees in the ways they are most likely to be working. These mission critical solutions include:
- BlackBerry Desktop
- SecuSUITE for Government and Enterprises for Secure Messaging and Phone Calls
- BlackBerry AtHoc for Employee Safety
- BlackBerry Protect
BlackBerry Desktop, SecuSUITE for Government, BlackBerry AtHoc for Employee Safety and BlackBerry Protect will be available free for 60 days.
18. Get Licensed - Security-Vetted Volunteer Site
Get Licensed has launched a new UK-wide initiative connecting security-vetted volunteers with those in need of help during the current coronavirus lockdown.
The company is appealing to those already verified by the Security Industry Authority (SIA) to sign up to Get Help and begin making a real difference in their local communities. Those requesting help include the elderly, vulnerable or those designated ‘at risk’ who are unable to leave their homes and are dependent on the kindness of others.
Get Help also provides the reassurance that those volunteers responding have undergone stringent criminal and identity checks as part of the requirements of the SIA, which regulates the UK’s private security industry. Those holding SIA licences include security guards and door staff, who have also undergone a nationally recognized training program carried out by fully qualified experts. Once a help request is received, Get Help will send a text notification to a volunteer in the locality who, if they can respond, will contact the person directly. Requests for help could range from a simple supportive chat over the telephone, to collecting a prescription or going food shopping.
For more information or to sign up, visit https://get-licensed.co.uk/gethelp/
19. Bugcrowd - COVID-19 Response Package to Help Care Provider Organizations Reduce Risk with Crowdsourced Cybersecurity Solutions
Bugcrowd, a crowdsourced security company, is offering a COVID-19 Response Package that will provide free Bugcrowd fully-managed Vulnerability Disclosure Programs and Attack Surface Analysis for emergency response teams, hospitals, or other care provider organizations helping to respond to the coronavirus pandemic.
Bugcrowd will offer free access to the following solutions for the next 90 days to any frontline care organization:
- Fully managed Vulnerability Disclosure Program (VDP)
- Comprehensive Attack Surface Analysis
For more information, visit www.bugcrowd.com/COVID19.
20. Egress - Free Secure Mobile App
Egress is offering a way for customers to empower people to share data effectively and securely while working remotely with its new, free mobile app that makes it quick and easy for users to not only read but also respond to Egress-encrypted emails—which is great for fast-tracking sensitive information flows when out of the office.
Users can use the app to manage and control sent items after they have left your outbox. Within the app, you can track when recipients have viewed an email and fully revoke access altogether for anyone who suddenly no longer has the authority to view certain content. This immediately blocks them from reading the email message and any attachments.
For more information, visit https://www.egress.com/en-us/downloads
21. FairWarning - Free COVID-19 Monitoring Feature in Patient Privacy Intelligence Platform
FairWarning has added new features to its Patient Privacy Intelligence solution to help healthcare providers monitor access to COVID-19 patient records. The solution’s core monitoring analytics and AI detection address privacy concerns associated with COVID-19 by finding anomalies in access to specific patients, people accessing patients outside of their normal workflow, and VIP patient record access.
These new features, developed in conjunction with its customers, help providers identify COVID-19 patients and associated record access, which includes a set of prebuilt analytics and reports designed to monitor for anomalies and patterns associated with those patients. It also offers multiple ways to identify the relevant patients to accommodate the variation between health system capabilities and situations.
In addition, FairWarning is also offering a free 14-day trial of its cybersecurity solution, which can be used by sectors that include financial services and emerging markets to help detect insider threats and build organizational trust through Salesforce data privacy and security—while meeting compliance requirements.
For more information, visit FairWarning.com
22. Topo.ai - Interactive COVID-19 Map and Infection Data
Topo.ai is providing an interactive COVID-19 map and infection data to support peers in the security industry. They are visualizing this information within TopoONE software and will update the map on a daily basis using the best available data. Use their intuitive COVID-19 dashboard to:
- Compare the ‘curve’ of reported cases between locations to see which areas have peaked
- Identify emerging COVID-19 ‘hot spots’ and newly affected US counties
- Mitigate risk to your distributed workforce
- Assess supply chain stability and potential disruptions
- View changes and trends over time
- Examine shelter in place orders, school and non-essential business closures, National Guard Activations
Security and business continuity users utilize this data to prepare daily situation reports and to conduct executive briefings.
For more information, visit Topo.ai.com
23. Guardiance Group - Cybersecurity Help to Small and Medium-Sized Businesses
Reut Hackmon, Founder & CEO of Guardiance and recognized cybersecurity advisor, reached out to Security Magazine to offer services to small and medium-sized businesses that need help with setting up environments, deploying technologies, and configuring environments with best practices to ensure cybersecurity. “As they are all forced to work online now, I wish to offer something that is really needed because of COVID-19,” Hackmon says.
Guardiance provides network and endpoint protection management, network optimization, digital investigations, policies and guidelines to establish and govern a culture of security, security awareness programs and ethical hacking services.
For more information, visit GuardianceGroup.com
24. SSH.COM’s PrivX - Privileged Access Management Solution
SSH.COM’s PrivX is a privileged access management (PAM) solution that the company offers for free (for up to 20 hosts). PrivX re-imagines PAM for current business needs, giving users an access management software that is scalable, lean and rapid to deploy. Key benefits include:
- Advances security by generating ephemeral certificates to allow just-in-time connections for only the amount of time needed (eliminating the costs of password vaulting and management)
- Manages access to target hosts whether they’re in multi-cloud, hybrid cloud or on-premise environments
- Interfaces directly with identity management systems
- Deploys quickly by avoiding the need to install traditional agents on client workstations and/or host servers
- Simplifies compliance and post-event forensics with auditing and session recording
For more information, visit SSH.COM
25. Zix-AppRiver - Encrypted Messaging Service, Audits and Monitoring
Zix-AppRiver, a cloud-based cybersecurity solutions provider, is offering:
- Free use of healthyemail encrypted messaging service – Helps businesses send secure messages and large files to anyone, anywhere, on any device with ease
- Microsoft Office 365 Security Audits - Zix-AppRiver is also encouraging organizations to take advantage of its free Office 365 Audit tool that scans for vulnerabilities within Office 365 as increases in remote work expose networks to new threats, including phishing and ransomware attacks, conversation hijacking, login theft and malware.
- Office 365 Monitoring – To further enhance its 365 Audit tools, Zix-AppRiver moved up the planned release of its new Office 365 Monitoring tool. The Monitoring tool takes the Audit a step further by implementing it as an additional control measure to continuously monitor digital environments and send alerts as events unfold.
For more information, visit Zix.com
26. Global Learning Systems - Online Course for Remote Workers on Cybersecurity Best Practices
As thousands of employees set up home offices to work remotely amid the coronavirus (COVID-19) pandemic, Global Learning Systems (GLS) is making available a free online course to help educate at-home workers on how to avoid phishing scams and cyberattacks.
The online security awareness training, “Securing Your Work At Home”, along with resources and tips, helps employees establish good cybersecurity hygiene by providing scenario-based examples and interactions on how to secure home networks, safeguard personal devices and connect securely with the outside world.
For more information, visit GlobalLearningSystems.com
27. H-ISAC and RiskRecon - Cybersecurity Rating Assessments for Healthcare Organizations
H-ISAC has partnered with RiskRecon to provide all healthcare organizations free cybersecurity rating assessments through December 31, 2020.
RiskRecon can help organizations better understand and act on their own enterprise and third-party cybersecurity health by continuously discovering their digital footprint and assessing their cybersecurity across 40 security criteria spanning thousands of security checks.
If you are a healthcare organization, simply complete a form. RiskRecon will verify your request and provide you continuous assessment of your cybersecurity health.
For more information, visit RiskRecon.com
28. CloudKnox - Cloud Identity Risk Assessment
CloudKnox Security is offering no-cost cloud risk assessments that will help companies understand their current cloud identity risk profile, identify the areas of greatest risk/opportunities for mitigation, and improve those risk profiles with prescriptive recommendations.
For more information, visit https://cloudknox.io/risk-assessment/
29. ReliaQuest - Threat Intelligence Reports
To help companies better proactively defend against a new wave of threats created by COVID-19, ReliaQuest is offering any user who registers a weekly Rapid Response digest – a set of threat intelligence and use cases based on insight from its customer base of Fortune 500 companies ranging across healthcare, retail, finance and tech verticals.
Registrants will receive a high-level summary of emerging threats for email, cloud, user activity and authentication technologies, and will receive specific indicators of compromise (IoCs) to implement. Registrants will receive distilled recommendations on why these threats require protection, detection recommendations, and specific use case queries to implement within their environments.
For more information, visit ReliaQuest.com
30. Corvus Insurance - Cyber Risk Reports to Healthcare Entities
To help hospitals and other healthcare entities to identify gaps in security and provide recommendations to mitigate risk, Corvus Insurance, a provider of commercial insurance products powered by AI-driven risk data, is providing cyber risk analysis and reports for hospitals, healthcare entities or any organization on the frontlines of the healthcare response to the COVID-19 pandemic. The reports are provided free of charge and can be requested through the company’s website.
The DLP Reports are produced through a non-intrusive scan of an organization’s external-facing IT security systems, known as the Corvus Scan. Based on its proprietary software and scoring tools, the Corvus Scan can identify weaknesses and make recommendations for improvements to IT security.
For more information, visit CorvusInsurance.com
31. National Cyber Security Alliance - Webinars
The National Cyber Security Alliance (NCSA), which builds strong public/private partnerships to create and implement broad-reaching education and awareness efforts to empower users and encourage a culture of cybersecurity, will be hosting many webinars which may be of help during this time.
Webinar: “Spring Has Sprung! Time for a Digital Spring Cleaning”
Date & Time: April 14th, 2020 @ 2:00PM ET
Link to register: https://staysafeonline.org/event/digital-spring-cleaning/
Details: Join Patrice Bobala, Global Head of Knowledge & Quality Assurance at Generali Global Assistance, other members of NCSA, and the Better Business Bureau on April 14, where they’ll feature tips and resources for doing a digital spring cleaning so you can free up more space, get off unwanted lists, improve your privacy and security, and go into summer feeling free of digital clutter.
Webinar: “How to Avoid COVID-19 Scams”
Date & Time: May 26th, 2020 @ 2:00PM ET
Details: Join Patrice Bobala, Global Head of Knowledge & Quality Assurance at Generali Global Assistance, other members of NCSA, and special guest Lesley Fair, Senior Attorney at the FTC’s Bureau of Consumer Protection, on May 26th, as they break down some of the most common COVID-19 scams we’re seeing today and provide attendees with tips and resources they can use to avoid these scams.
For more information, visit StaySafeOnline.org
32. Varonis - Incident Response Service
Varonis is offering free trial software licenses for their Data Security Platform, which can include monitoring for VPN, Office 365, DNS, and more.
- Office 365 and Teams security: Ensure data that’s in Office 365 and Teams is not accessible to unauthorized users.
- VPN, DNS, and web proxy monitoring: Free eval licenses of Edge can help detect data exfiltration, people using RDP in different ways (with AD), and more, especially as more employees work from home.
- Active Directory visibility: Free eval licenses of DatAlert can help flag suspicious authentication behavior, like an admin account logging on to more devices than usual.
Varonis is also offering free incident response support to any company that reaches out.
For more information, visit https://www.varonis.com/help
33. Red Canary - Information Security Trainings
Red Canary, an organization that provides managed detection and response, open source tools, and education for the information security community, is hosting a series of educational trainings and attack/threat technique briefings, which may be helpful in countering cyber threats.
- DETECTION AND RESPONSE: First Look: 2020 Threat Detection Report
- MITRE ATT&CK: Privilege Escalation: How Attackers Level Up
- MITRE ATT&CK: MITRE ATT&CK Deep Dive: Persistence
- DETECTION AND RESPONSE: Lateral Movement: 2-Part Webinar Series
- DETECTION AND RESPONSE: Shutting Down Lateral Movement
- MITRE ATT&CK: ATT&CK Deep Dive: Defense Evasion
- THREAT HUNTING: Threat Hunting with MITRE ATT&CK: 3-Part Webinar Series
- MITRE ATT&CK: Panel Discussion: 2019 Threat Detection Report
- MITRE ATT&CK: MITRE ATT&CK Deep Dive: Lateral Movement
- THREAT HUNTING: How to use MITRE ATT&CK to mature your threat hunting program
- THREAT HUNTING: Testing visibility to develop an innovative threat hunting program
- THREAT HUNTING: Becoming a leader: an inside look at an advanced threat hunting program
- ATOMIC RED TEAM: How to Test Your Security Controls Using Atomic Red Team
- CARBON BLACK RESPONSE: 5 Ways Carbon Black Response Data in Splunk Can Improve Your Security
- SECURITY OPERATIONS: You and what army? How lean security teams defend against evolving threats
- THREAT HUNTING: Threat hunting for Dridex attacks using Carbon Black Response
For more information, visit RedCanary.com
34. Absolute Software - Patented Persistence® Technology and Automated Workflows
In support of IT teams tasked with ensuring employee productivity, organizational security, and business continuity, Absolute is offering free access to Application Persistence for VPN and is expanding its response to the global coronavirus outbreak by providing all of its customers with access to a comprehensive library of automated, custom workflows that enable a more seamless way to secure and manage remote devices. Absolute is providing both for free to Visibility and Control tier customers through August 31, 2020.
- Proactively repair and reinstall existing virtual private network (VPN) applications: Supported VPN applications include Cisco AnyConnect Secure Mobility Client, F5 BIG-IP Edge Client, and Pulse Connect Secure.
- Access to more than 130 custom workflows that allow them to easily run queries or reports and then take widespread remedial action such as enforcing patch installations, turning on or repairing VPN applications, and more with just a few clicks.
- Enables IT and Security teams with self-healing endpoint security – allowing them to proactively pinpoint vulnerabilities and quickly take remedial action, whether a device is on or off the corporate network.
For more information, visit www.absolute.com
35. Sumo Logic - Work-From-Home Solution
Sumo Logic is offering a new Work-From-Home solution that helps IT and security teams ensure the visibility, reliability and security of mission critical business apps. The bundle solution includes a number of existing Sumo Logic and partner apps including:
- SSO - Auth0, Duo, Okta, One Login, Azure Active Directory
- Remote Access - Cisco Meraki, zScaler Web Security
- Endpoint Security - CrowdStrike Falcon, Carbon Black, Cylance
- Productivity Apps - G Suite, Office 365, Salesforce, Slack
The new solution is available as a 90-day free trial and will also be available through Sumo Logic’s partner ecosystem, and will include customer support to help set up and optimize within any enterprise environment.
For more information, visit www.sumologic.com/
36. ManageEngine - Secure Remote Access Toolkit for IT Teams
ManageEngine has launched the bundling of Access Manager Plus and Remote Access Plus to provide seamless and secure connections to employee desktops, servers, databases and network devices from the comfort of employees’ homes, which they have made available to IT teams everywhere free of charge until July 1, 2020. Key functions of each product include:
- Access Manager Plus - Enables remote connections to critical business systems like servers, applications, and network devices. Agent-less, secure gateway solution for launching RDP, VNC and SSH connections.
- Remote Access Plus - Enables remote access to user desktops for providing technical assistance and servers inside the corporate network for regular operations. Agent-based, secure access solution for Windows, Linux and Mac operating systems.
Additional highlights of both remote work solutions include live monitoring and collaboration, centralized control, help desk integration, remote access to data centers, and voice and video chat.
For more information, visit https://www.manageengine.com/
37. Synopsys SIG - Variety of Open Source Tools
Synopsys is offering the following services for free, always:
- Black Duck CoPilot helps teams find, fix, and avoid vulnerable dependencies within open source projects. https://copilot.blackducksoftware.com/
- Black Duck Open Hub is an online community and public directory of free and open source software (FOSS), offering analytics and search services for discovering, evaluating, tracking, and comparing open source code and projects. Where available, the Open Hub also provides information about vulnerabilities and project licenses.
For more information, visit Synopsys.com
38. Palo Alto Networks - Resources and Programs for Business Continuity
Palo Alto Networks is offering the following services and programs during COVID-19:
- Connect and Scale Remote Workforces with Prisma Access and Next-Generation Firewall: Prisma Access and Next-Generation Firewall are offering free services to rapidly onboard remote users at scale.
- Launch a Remote SOC Today with Cortex XSOAR: Cortex XSOAR is offering one year of free hosting and a no-cost, accelerated onboarding package designed to jumpstart your remote SOC.
For more information, visit PaloAltoNetworks.com
39. Lucy Security - Security Awareness for Remote Workers
Security awareness and training provider Lucy Security has created a website with free videos, courses, checklists and guides to train work-at-home employees to identify phishing scams and other security threats. These include:
- Work Remotely Awareness Training
- Secure your PC Awareness Training
- Secure your Mobile Device Awareness Training
- Work From Home Security Checklist
- Sample COVID-19 Phishing Scams
For more information, visit https://workfromhome.education/
40. Groupdolists - “Employee Tests Positive for Covid-19” Response Plan
Groupdolists, a mobile crisis response platform, has released for free its customizable plan to help any organization manage its response when an employee tests positive for Covid-19. The platform guides the entire response step by step while maintaining flexibility—plans are completely customizable—with real-time access from any device. A leader can activate the plan, instantly mobilize, and coordinate multiple departments. Once activated, Groupdolists keeps key stakeholders in the loop, documenting all activity and information in a real-time, chronological audit trail. It even connects responders anywhere around the world into a tap-to-join conference bridge (no dialing).
For more information, visit https://groupdolists.com/groupdolists-releases-free-employee-tests-positive-for-covid-19-response-plan/
41. NCC Group - Cyber Threat Intelligence to Global Healthcare Providers
NCC Group is offering unique threat intelligence free of charge to national Computer Emergency Response Teams, hospitals and national institutes of public health around the world for the next few months to help them build cyber resilience. Institutions signing up will benefit from receiving actual threat intelligence on hacking groups who have been infamous for their targeted ransomware attacks. The information, known as Indicators of Compromise, concerns the main criminal groups and the methods they use. On that basis, hospitals will be able to use this information to detect cyber criminals at an early stage and take actionable steps to improve their resilience.
The initial report, compiled by the NCC Fox-IT Threat Intelligence team based in the Netherlands, includes:
- Threat actor descriptions
- Applying threat intelligence to your systems
- Chronology of targeted ransomware in hospitals and health clinics
- Technical Indicator of Compromise pack related to targeted ransomware threat actors for deployment to institutions or national capabilities
- Regular updates on threat actors over the next few months
As well as providing the report and updates, NCC Group, with Fox-IT at its core, has brought together a team of specialist threat intelligence analysts and incident responders to answer both general and urgent questions that may arise from the content of the report.
For more information, visit https://www.nccgroup.com/thankyouhospitals
42. (ISC)2 - Free and Deeply Discounted Learning Opportunities during COVID-19
(ISC)² – a large nonprofit association of certified cybersecurity professionals – announced several offers to the cybersecurity community that provide world-class training at deeply discounted prices. Among the special discounted offers now available:
- PDI Courses for Non-Members – Professional Development Institute (PDI) courses are always available to (ISC)2 members and associates at no charge, and to non-members for purchase. In order to help the cybersecurity community and to make continuing professional education (CPE) credits more easily accessible, (ISC)2 is offering free access for all to its recently released Utilizing Big Data course.
- Online Self-Paced Training – (ISC)2 is also offering Certified Information Systems Security Professional (CISSP) and Certified Cloud Security Professional (CCSP) self-paced trainings at a 33 percent discounted price for a limited time. Both trainings extend the four-month course access period to six months and include more than 300 pre-recorded videos totaling nearly 30 hours of expert instruction.
- Online Instructor-Led Training – This type of training offers all the benefits of in-person training, including real-time interaction with an instructor with the convenience of completing the training in the comfort and safety of the learner’s own home. (ISC)2 has launched new discounted pricing to make it easier for cybersecurity professionals to access such training while observing stay-at-home orders.
- CISSP Concentrations Training – To make training more accessible and affordable during this difficult time, (ISC)2 has launched a limited-time online training promotion to encourage CISSPs to continue to advance their professional goals, with a discount for self-paced concentration trainings bundled with an exam voucher.
(ISC)2 also offers a free, award-winning webinar series featuring expert-led discussions on a wide range of security topics, and continually adds online content to expand learning opportunities to help cybersecurity professionals meet their CPE needs without having to travel or attend in-person meetings or conferences.
For more information, visit https://www.isc2.org/
43. Mimecast - Web Security Service
In response to COVID-19, Mimecast is offering its fully featured Web Security service for free for 90 days, protecting users against malicious and inappropriate websites. In addition, Mimecast’s Coronavirus page offers a variety of tools and resources to support remote workers’ cyber resilience efforts, including:
- Cyber preparedness and response articles, detailing threat trends and remote work best practices
- Awareness Training resources to provide for your end-users
- Educational tools, such as weekly Global Threat Intelligence briefings and an eBook: “Keeping Your Organization Secure During the Coronavirus Pandemic”
For more information, visit https://www.mimecast.com/coronavirus/
44. UserLock - Two-Factor Authentication & Access Management for Windows Active Directory
Working alongside Active Directory, UserLock’s two-factor authentication and access management for Windows Active Directory helps administrators manage and secure access for all users (remote or on-premises), without disturbing employees or upsetting the IT department. For the current COVID-19 situation, UserLock is extending their free trial period to 90 days (instead of 30 days).
With the solution, you can set policies to authorize, deny or limit any login (including wireless and remote access), based on contextual factors:
- Origin: Computer (Windows & Mac), device & location restrictions (country, IP address, department, OU)
- Time: Logon hour restrictions, maximum session length & session time quota
- Session type: Workstation, terminal, Wi-Fi, VPN and IIS sessions
- Simultaneous connections: Limit concurrent logins and initial access points
For more information, visit https://www.isdecisions.com/products/userlock/
45. SurfShark - “A Guide to Public Wi-Fi Security Risks & How to Use it Safely”
SurfShark recently published “A Guide to Public Wi-Fi Security Risks & How to Use it Safely”. It’s an in-depth resource that offers lots of useful information such as:
- The evolution of Wi-Fi: from a niche military experiment back in 1997 all the way to the present where Wi-Fi is available almost anywhere in the modern world.
- The potential dangers of using public Wi-Fi; including the risk of cybercriminals targeting you, how your personal information is exploited online, and common mistakes people make that leave them vulnerable to an attack.
- Tips and advice for using public Wi-Fi safely such as recognizing unsecured websites, reading privacy policies, looking for signs of malware, tips to browse safely on your laptop or smartphone, and using a VPN to protect your personal data.
- Links to other useful resources and information to protect your data and privacy when using public Wi-Fi.
For more information, visit https://surfshark.com/wifi-security
46. Wickr - End-to-End Encrypted Enterprise Collaboration Platform
Wickr Inc. announced that Wickr Pro, the end-to-end encrypted enterprise collaboration platform, is now available at no cost for organizations and groups who want to create and manage secure networks for up to 30 users. Wickr Pro is a fast and easy way to ensure the security of remote collaboration in light of mandatory work from home requirements. Wickr Pro is known for its strong end-to-end encryption of communications and the ability to securely operate on Zero Trust Networks (ZTN).
The key features from Wickr Pro that will be available to customers include:
- Secure direct messaging and group conversations
- Secure Rooms for projects and teams
- Secure file sharing and file storage
- Secure voice and video calling with screen sharing
- Secure connectivity with millions of Wickr users worldwide
- Administrative controls and integrations – i.e. SSO, 2FA, etc.
For more information, visit https://wickr.com/wickr-extends-wickr-pro-service-offerings-for-free-amidst-urgent-spike-in-remote-work/
47. Cyber Observer - Cyber Hygiene, Compliance and Continuous Monitoring
Cyber Observer continuously monitors security software tools, delivering real-time information about the deployment and optimization of the tools deployed in the enterprise security environment so senior infosec managers can have the awareness and visibility they need to effectively manage their cybersecurity programs.
Deploying either in-house ObserverSecurity Framework or any international security compliance standard, Cyber Observer enables enterprises to better understand risk, manage cybersecurity programs top-down, advance posture, and communicate effectively to senior stakeholders. Deploy remotely - free - for a limited time.
For more information, visit https://www.cyber-observer.com/platform-overview/
48. Sepio Systems - Rogue Device Detection
Leveraging a combination of physical fingerprinting technology together with device behavior analytics, Sepio Systems’ software-only solution offers an easily deployable solution that provides continuous monitoring to detect and alert on abnormal devices and device activity on your network and endpoints. You will know immediately whether something plugged into an endpoint is not what it is supposed to be. Deploy remotely - free - for a limited time.
For more information, visit https://www.sepio.systems/solution