viernes, 20 de septiembre de 2019

Top Cybersecurity Companies

Methodology

Cybersecurity vendors were assigned scores based on their annual revenue, range of products, appearance in eSecurity Planet's Top Security Vendor lists, Gartner Magic Quadrant reports, Gartner Peer Review ratings, and their rankings in the Cybersecurity 500. The top 15 vendors are listed below followed by 10 honorable mentions.

1. Microsoft

Cybersecurity product categories: Identity and access managementUEBA, threat protection, information protection, security management, cloud securityDDoS protection, application gateways

2. Fortinet

Cybersecurity product categories: Firewallsintrusion prevention and endpoint security


3. IBM

Cybersecurity product categories: Security analytics, servicespatch managementencryptionSIEMsecurity orchestrationmobile security, fraud protection, network security, data protection, threat intelligenceapplication security, endpoint protection, identity and access management, mainframe security


4. KnowBe4

Cybersecurity product categories: Cybersecurity awareness training


5. Symantec

Cybersecurity product categories: Advanced threat protection, managed servicesendpoint securityencryptionweb gatewayemail security, network security, cloud security, antivirus, identity theft protection, website security


6. Cisco

Cybersecurity product categories: Next-generation firewallsnext-generation intrusion preventionCASB, web gateway, NAC, advanced malware protection, email security, endpoint security, security management, VPN, security services


7. Palo Alto Networks

Cybersecurity product categories: Next-generation firewall, UEBA, cloud security, endpoint protection, threat detection and prevention, application framework


8. Splunk

Cybersecurity product categories: Security analytics, SIEM, user behavior analytics, ransomware prevention, security automation


9. McAfee

Cybersecurity product categories: consumer antivirus and privacy protection, identity theft prevention, IDPS, web gateways, mobile security, CASB, data protection, encryption, endpoint security, network security, security management, server security, security analytics, SIEM, web security, consulting


10. Check Point

Cybersecurity product categories: Advanced threat prevention, next generation firewallUTMencryption, secure gateway appliances, endpoint protection, remote access, cloud security, mobile security

11. Sophos

Cybersecurity product categories: Firewallsunified threat management, web gateway, secure email gateway, security management, anti-phishing, endpoint protection, mobile security, encryption, server security, web application firewalls, consumer antivirus and Web filtering.


12. Proofpoint

Cybersecurity product categories: CASB, advanced threat protection, email protection, encryption, data loss prevention, threat intelligence


13. Imperva


Cybersecurity product categories: Web application firewalls, data masking, database securityDDoS mitigation


14. RSA (Dell Technologies)


Cybersecurity product categories: SIEMGRCthreat intelligence, network traffic analysis and forensics, endpoint security, security orchestration, UEBA, malware detection, fraud prevention, identity and access management

15. Trend Micro
Cybersecurity product categories: hybrid cloud security, intrusion prevention, advanced threat protection, encryption, endpoint security, email security, Web security, SaaS security, IoT security, threat intelligence
Appearances on eSecurity Planet's Top Vendors lists: 2

Honorable Mentions
The following companies scored well but didn't quite make our top 15.
  1. Kaseya (network and infrastructure monitoring, patch management)
  2. Barracuda (email security, backup, web gateways, NGFWWAFUTM)
  3. Carbon Black (endpoint)
  4. Exabeam (security intelligence, analytics)
  5. FireEye (endpoint and threat detection)
  6. Darktrace (AI for cyber defense)
  7. SonicWall (UTMNGFWWAF)
  8. Tanium (EDR)
  9. LogRhythm (SIEM, UEBA)
  10. Micro Focus (SIEMencryptionpatch managementsingle sign-on)

Top Penetration Testing Companies Worldwide In 2019

Penetration Testing Companies and service providers

#1) ScienceSoft
Core Services: Security Testing (Vulnerability Assessment, Penetration Testing, Compliance Testing, Security Code Review, Infrastructure Security Audit), Web Application Protection, Network Protection, Managed IT Services, IoT solutions, Data Analytics.
Products: IBM QRadar for Security Intelligence, QLean for QRadar Health Check and ScienceSoft SIEM for Automated Security Monitoring.


ScienceSoft
#2) Acunetix
It complements the role of a penetration tester by automating tasks that can take hours to test for manually, delivering accurate results with no false positives at top speed. Acunetix fully supports HTML5, JavaScript and Single-page applications as well as CMS systems.It includes advanced manual tools for penetration testers and integrates with popular Issue Trackers and WAFs.
#3) Netsparker
It facilitates the role of a penetration tester since you do not need to waste hours manually verifying the identified vulnerabilities once a scan is finished.It is available as a Windows software and an online service.
#4) CyberHunter
Core Services: Penetration Testing, Network Threat Assessments, Network Security Audits, Cyber Threat Hunting, Network Log Monitoring.
Products: TrendMicro, Ericom, Sucuri, InfoCyte, Sepio Systems, Votiro
#5) Raxis
Core Services: Penetration testing, red team penetration testing, web application penetration testing, mobile application penetration testing, API & secure code review, vulnerability assessments, physical social engineering, phishing, tabletop exercises, incident response, etc.
#6) ImmuniWeb®
Its proven Machine Learning and AI technology were mentioned by Gartner, Forrester and IDC technology analysts for innovation and effectiveness.The hottest products endorsed by verified users at Gartner Peer Insights are:
  • ImmuniWeb® Discovery for a turnkey asset discovery and risk ratings (web, mobile, cloud, domains, certs, IoT);
  • ImmuniWeb® On-Demand for a turnkey web penetration testing (web, API, cloud, AWS);
  • ImmuniWeb® MobileSuite for a turnkey mobile penetration testing (iOS and Android App, Backend API);
  • ImmuniWeb® Continuous for 24/7 continuous security monitoring and penetration testing (web, API, cloud, AWS).

ImmuniWeb’s community offering also provides industry practitioners with FREE:
  • SSL Security Test
  • Website Security Test
  • Mobile App Security Test
  • Phishing Test

#7) Indusface WAS
Features
  • New age crawler to scan single page applications.
  • Pause and resume feature
  • Manual Penetration testing and publish the report in the same dashboard
  • Unlimited proof of concept requests to provide evidence of reported vulnerability and eliminate false positive from automated scan findings
  • Optional integration with the Indusface WAF to provide instant virtual patching with Zero False positive
  • Ability to automatically expand crawl coverage based on real traffic data from the WAF systems (in case WAF is subscribed and used)
  • 24×7 support to discuss remediation guidelines and POC
  • Free trial with a comprehensive single scan and no credit card required
#8) SecureWorks
Core Services: Pen Testing Services, Application Security Testing, Advance Threat/Malware detection and prevention, Log Retention and Compliance Reporting, Vulnerability Management, Risk Assessment, Cloud Security Monitoring, Incident Management etc.
Products: Managed Security Solutions, Information Security Solutions, Compliance Management Solutions, Threat Protection Solutions, Cybersecurity Risk Management Solutions, Industry Solutions etc.
#9) BreachLock Inc
Core Services: Vulnerability Management, Pen Testing as a Service, Third Party Penetration Testing, Vendor Assessments, Phishing as a Service, RED Teaming, Cloud Penetration Testing, Mobile Application Penetration Testing, IoT Penetration Testing, Web Application Penetration Testing, Network Penetration Testing, etc.
Products: RATA Web Application Vulnerability Scanner, and RATA Network Vulnerability Scanner.
#10) FireEye
Core Services: Penetration Testing, Security Program Assessment, Red Team Assessment, Response Readiness Assessment, Training Services, Deployment and Integration Services, Cyber Threat Intelligence Services, etc.
Products: Helix The Security Operations Platform, FireEye Threat Analytics, FireEye Security Suit, Email Security, Network Forensic and Security, Threat Intelligence, Endpoint Security, etc.
#11) Rapid7
Core Services: Penetration Testing, Vulnerability Management, Training, and Certification Services, Advisory Services.
Products: Metasploit for Penetration Testing, Nexpose for Vulnerability Management, Insight VM for Vulnerability Assessment, InsightIDR for User Behaviour Analytics, Insight Ops for IT Operations, InsightPhish for Phishing Simulation, Komand for Automation
#12) CA Veracode
Core Services: Pen Testing Services, Program Management, E-Learning, Third Party Security.
Products: CA Veracode Greenlight for Instant Scanning, CA Veracode Developer Sandbox for Evaluating Code, CA Veracode Static Analysis for Assessing integrated application for policy compliance, CA Veracode Software Composition Analysis for Eliminating Risk in Open Source Component.
#13) Coalfire Labs
Core Services: Penetration Testing, Application Security Assessment, Vulnerability Scanning & Assessment, Research and Development, Red Team Exercise etc.
Products: CoalfireOne Scanning Solution, Cyber Defence for Cyber Security, Compliance Services Products like HIPAA, GDPR etc.
#14) Offensive Security
Core Services: Penetration Testing, Advance Attack Simulation Services, Application Security Assessment, certification etc.
Products: Kali Linux, Exploit Database, Kali NetHunter, BackTrack, Metasploit Unleashed etc.
#15) Netragard
Core Services: Pen Testing Services, Vulnerability Assessment, Point of Sales (PoS) Testing etc.


Fuente: softwaretestinghelp.com


ESET Security Report 2019

¿Cuáles son las principales preocupaciones en materia de seguridad que tienen las empresas de América Latina? ¿Qué tipos de amenazas son las que más afectan a las empresas de la región? Estas y otras preguntas tienen su respuesta en la edición 2019 del ESET Security Report (ESR). Un informe anual elaborado por ESET que ofrece un panorama sobre el estado de la seguridad en las empresas de América Latina. 



CSA LATAM FORUM 2019

La industria de la seguridad de la información está rápidamente transformándose en soluciones entregadas por y para la computación en nube.   

Aprender sobre el progreso de las empresas en el cambio de la computación en nube y las nuevas tendencias clave en seguridad de la información.


Expertos en seguridad y proveedores de la nube discutirán gobierno, las amenazas más recientes, las mejores prácticas, privacidad de datos y las innovaciones de seguridad con relación a este nuevo entorno.

Fecha: 7 De Noviembre De 2019

Ubicación: 725 Continental Hotel, Av. Roque Sáenz Peña 725 Capital Federal, Buenos Aires

Agenda:

   » Criptografía en la nube
   » Cloud Security
   » Seguridad de aplicaciones Web en Cloud
   » Privacidad de datos
   » Auditoria de Sistemas en la Nube
   » Análisis de virus, gusanos y todo tipo de malware
   » Vulnerabilidad social
   » Riesgos de seguridad móvil
   » Plan de Recuperación en la Nube
   » Cloud Computing.
   » Continuidad de Negocios en la Nube
   » Gobierno de T.I.
   » Entre otros

Dirigido a:

  » CIO, OSC, CISO, BISO, CRO, CFO, CCO, CGOS, CPO´s y CTO.
 » Los interesados en Gobierno de IT, cumplimiento y ejecutivos de privacidad.
 » Los altos ejecutivos de negocios.
 » Finanzas, auditoría, legal y de cumplimientos reguladores.
 » Empresa y directores de operaciones de riesgo
 » Continuidad de las operaciones.
 » Gestores de crisis o de gestión de emergencias.
 » Gestores de recuperación ante desastres.
 » Encargados de Infraestructura de TI, operaciones y desarrolladores.
 » Auditoría Interna.
 » Interesados en cumplimientos regulatorios de administración de riesgos tecnológicos.