powered by RealWire

Recent Social Media Releases from RealWire


ThreatQuotient Expands Integration with MITRE ATT&CK Framework to Offer Full Support for Customers

ThreatQ Adds Support for Mobile and PRE-ATT&CK in Response to Rapid Customer Adoption
LONDON – 20th May 2019ThreatQuotient™, a leading security operations platform innovator, today announced that the ThreatQ™ integration with MITRE ATT&CK™ now includes support for PRE-ATT&CK and Mobile. Together with Enterprise ATT&CK, the three-pronged framework creates an end-to-end attack chain that examines and assesses an adversaries’ actions. Since first integrating with MITRE ATT&CK in early 2018, ThreatQuotient has helped customers integrate the framework in their workflows to achieve a holistic view of their organisation’s specific attack vectors and what needs to be done to effectively defend against adversaries.
Attacks are happening with increasing velocity, and the average cost of a data breach has risen to $3.86 million, according to the 2018 Cost of a Data Breach Study by Ponemon. As more organisations begin to accept the likelihood that they will be breached, the security industry is placing greater emphasis on technologies, tools and processes to accelerate detection and response. However, this is not always done with collaboration in mind. When combined, the ThreatQ platform and MITRE ATT&CK framework enables expansive and shared understanding across teams and technologies, allowing faster response when an event occurs.
“Every organisation can derive value from the MITRE ATT&CK framework to measure, improve and extend the capabilities of their security operations. To yield the greatest success, security teams should use the framework to have a complete understanding of what they are trying to protect against,” says Ryan Trost, CTO & Co-founder at ThreatQuotient. “Whether mapping the attack tactics or techniques against your defenses to more accurately assess your risk posture; connecting active adversaries to their own respective TTPs to ensure internal battle cards are accurate and distributed; or simply gauging your organisation’s higher probability threat risk areas and providing your red team better ‘real world’ objectives ThreatQ’s integration of the ATT&CK framework provides teams an out-of-the-box capability. As an organisation’s capacity to use ATT&CK data evolves, the ability to dig deeper into the framework will allow a company to gain even greater value...but at their own pace. This is great for the industry and will hopefully play a cornerstone role as organisations defend themselves against attacks.”
“The MITRE ATT&CK knowledge base provides a common language for the cybersecurity community to use when describing adversary behaviors,” said Katie Nickels, MITRE ATT&CK Threat Intelligence Lead. “We continue to be inspired by the ways the entire community is using ATT&CK to improve their defenses.”
ThreatQuotient has long believed that the ability to accelerate security operations starts with having a thorough and proactive understanding of the actors, campaigns and TTPs targeting an organisation. There are three main ways an organisation can use the integration of ThreatQ and MITRE ATT&CK to their advantage:
1. Reference and Data Enrichment
Aggregate data from the framework into ThreatQ and search for adversary profiles to answer questions like: Who is this adversary? What techniques and tactics are they using? What mitigations can I apply? Security analysts can use the data from the framework as a detailed source of reference to manually enrich their analysis of events and alerts, inform their investigations and determine the best actions to take depending on relevance and sightings within their environment.
2. Indicator or Event-Driven Response
Use ThreatQ to correlate data from the ATT&CK framework with incidents and associated indicators from inside the organisation’s environment. Security analysts can then automatically prioritise based on relevance to their organisation and determine high-risk indicators of compromise (IOCs) to investigate. With the ability to use ATT&CK data in a more simple and automated manner, security teams can investigate and respond to incidents and execute appropriate courses of action for more effective detection and more efficient threat hunting.
3. Proactive Tactic or Technique-Driven Threat Hunting
Pivot from searching for indicators to taking advantage of the full breadth of ATT&CK data. Threat hunting teams can take a proactive approach, beginning with the organisation’s risk profile, mapping those risks to specific adversaries and their tactics, drilling down to techniques those adversaries are using and then investigating if related data have been identified in the environment. For example, they may be concerned with APT28 and can quickly answer questions including: What techniques do they apply? Have I seen potential IOCs or possible related system events in my organisation? Are my endpoint technologies detecting those techniques?
ThreatQuotient’s Neal Humphrey, Threat Intelligence Engineer Director, North America, will host a webinar on May 22, 2019 at 2:00pmET to discuss best practices for applying the MITRE ATT&CK framework effectively and making it actionable. Registration and more information about the webinar, Combating Trisis with MITRE ATT&CK Framework, can be found here: https://www.threatq.com/mitre-webinar-na/.
About ThreatQuotient
ThreatQuotient’s mission is to improve the efficiency and effectiveness of security operations through a threat-centric platform. By integrating an organisation’s existing processes and technologies into a single security architecture, ThreatQuotient accelerates and simplifies investigations and collaboration within and across teams and tools, supporting multiple uses cases including incident response, threat hunting, and serving as a threat intelligence platform. Through automation, prioritisation and visualisation, ThreatQuotient’s solutions reduce noise and highlight top priority threats to provide greater focus and decision support for limited resources. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe and APAC. For more information, visit https://threatquotient.com.

Global Survey Shows App Dev Industry Ready for Massive Disruption

3,300 IT Leaders Report Talent Scarcity, Massive Backlogs, and Aging Infrastructure as Top Concerns
LONDON – 14th May - OutSystems has published its sixth annual research report on the state of application development and the challenges faced by development and delivery teams. The State of Application Development, 2019: Is IT Ready for Disruption? unveils detailed survey results from over 3,300 IT professionals in all industries across the world.
“Our 2019 survey shows that many IT departments are facing a multitude of disruptive forces when it comes to digital transformation and application development,” said Steve Rotter, CMO for OutSystems. “The threat of digital disruption and the need for digital transformation has been a driver of IT strategy for years. Add to that the current uncertain global economic outlook, and it becomes obvious why business leaders are so concerned about agility today.”
The new research report provides in-depth insights from IT managers, enterprise architects, and developers addressing a wide range of issues. “Digital transformation dominates business strategy today, which is why web and mobile development demand is booming. Moreover, speed and agility are more important than ever before,” Rotter explained.
This OutSystems report explores the priorities and challenges of application development and delivery, and the strategies that IT teams are using to try to speed up delivery.
Six key findings that impact every IT professional:
  • Demand for app dev soars: The number of applications slated for delivery in 2019 has increased 60%, according to respondents, 38% of whom plan to deliver 25 or more apps this year.
  • Steep development time: 46% of respondents said the average time to deliver a web or mobile application is five months or more.
  • Backlogs remain: 64% of IT professionals said they have an app dev backlog, and only 39% said their app dev backlog had improved in the past year.
  • Development talent hard to find and keep: Most respondents have hired developers, 75% of respondents described app dev talent as scarce, and only 36% of organisations have larger app dev teams than a year ago. The numbers appear to show retention of app dev talent is of an equally grave concern.
  • Agile practices are still slow to mature: 60% of organisations have invested in agile tools and services in the past year. However, the average agile-maturity score was a lackluster 2.7 out of 5, meaning most organisations are still in the process of defining agile processes.
  • Customer centricity continues to rise: Over 60% of organisations have invested in customer-centric practices in the past year, including customer journey mapping, design thinking, and lean UX. For the new apps slated for development in 2019, those that will be used directly by customers or business partners were identified as most important.
Low-Code Has Become Mainstream
Another key research finding was that low-code is no longer just for innovators and early adopters. For example, 41% of respondents said their organisation was already using a low-code application platform. And, a further 10% said they were about to start using one.
The analysis in the report identified that organisations using low-code are:
  • 26% more likely to describe their organisation as satisfied or somewhat satisfied with the speed of application development
  • 11% more likely to deliver web applications in four months or less
  • 15% more likely to deliver mobile applications in four months or less
  • 20% more likely to score their agile maturity as level 3, 4, or 5
  • 12% more likely to say that their app dev backlog has improved since last year
  • Reporting a 16% higher self-assessment score for digital transformation maturity
Download a copy of the full report: https://www.outsystems.com/1/state-app-development-trends/.
About OutSystems - Thousands of customers worldwide trust OutSystems, the number one low-code platform for rapid application development. Engineers with an obsessive attention to detail crafted every aspect of the OutSystems platform to help organisations build enterprise-grade apps and transform their business faster. OutSystems is the only solution that combines the power of low-code development with advanced mobile capabilities, enabling visual development of entire applications that easily integrate with existing systems. Visit us at www.outsystems.com, or follow us on Twitter @OutSystems or LinkedIn at https://www.linkedin.com/company/outsystems.
 

Flashpoint Strengthens Intelligence Platform with New Dashboards and Analytics, Expanded Collections and Tailored Alerting by Industry

Company Significantly Expands Use-Case Driven Business Risk Intelligence (BRI) Offerings
London - 24th April 2019 - Flashpoint, the global leader in Business Risk Intelligence (BRI), today announced new innovations and enhancements that help multiple teams bolster cybersecurity, confront fraud, detect insider threats, enhance corporate and physical security, and address third-party risk.
The new innovations and enhancements strengthen Flashpoint Intelligence Platform, which grants access to the company’s archive of finished intelligence reports, data from illicit forums, marketplaces, chat services, paste sites, technical data, card and account shops, and vulnerabilities, in a finished intelligence experience. The platform scales Flashpoint’s internal team of specialised, multilingual intelligence analysts’ ability to quickly provide responses to customers.
“As a long-time Flashpoint customer, I have seen many iterations of the company’s platform, technology, and collections,” said Jim Nelms, Chief Information Security Officer at LabCorp. “This is by far the largest leap that the Flashpoint team has taken in terms of expanding its datasets and making intelligence more consumable, and it did so while holding true to its vision of bringing BRI to diverse teams across an enterprise.”
The platform now features new dashboards and analytics, expanded datasets, chat services and communities, and industry alerting that simplify an organisation’s consumption and automation of intelligence. The enhancements include:
Account Shops: Customers can identify their organisation's compromised accounts found for sale in illicit account shops, providing an ability to reduce the risk of employees’ or customers' login details being used in credential stuffing attacks.
Card Shops: Collections of stolen credit card data found in illicit high-end credit card shops, compromised from a variety of operations — including dumps from point-of-sale (POS) compromises, or credit cards from card-not-present (CNP) transactions.
Common Vulnerabilities and Exposures (CVEs): Prioritise the vulnerabilities that matter most with access to the latest CVEs, as well as CVEs discussed by threat actors as observed by Flashpoint intelligence analysts with incorporated access to MITRE ATT&CK and NVD data.
Dashboards: Comprehensive view of data measured against Flashpoint collections, most relevant to an organisation; from monitoring the latest credit card leaks, to keeping track of the most active CVEs, our dashboards provide a one-pane view into information and data to help better mitigate vulnerability exposure and risk to your organisation.
Expanded Chat Services: Flashpoint’s Telegram collections now allow customers to view critical media included in chat services messages, such as audio, images, documents, and other file types, including malware samples and technical data, providing more context to chat conversations and additional intelligence for research purposes. Collections are also expanding to include illicit discussions and media on multiple chat services.
Expanded Communities: Flashpoint is expanding its coverage of illicit discussions in communities such as 4Chan, 8Chan, and Dread, providing users with additional context as to how threats move across the web.
Industry Alerting: Based on multi-language keyword patterns developed, curated, and maintained by our Intelligence team, this product provides customers tactical information derived from threat actor conversations that are relevant to users in their respective industries and industries they want to monitor. In addition to Flashpoint’s tailored industry alerting for financial services, retail, legal and healthcare, the company has added patterns that find signal in the noise for users who are in, or care about, the technology, insurance, and telecommunications industries.
"We've listened to the Flashpoint community and really focused on creating features and capabilities that help address our customers' most important use cases," said Josh Lefkowitz, Flashpoint CEO. "As a result, we've expanded our data collections, refined our intelligence, and delivered analytics in ways that help our users detect, understand, and mitigate the threats they face without overwhelming them with noise.”
Flashpoint’s continued innovation around collections also supports its one-of-a-kind Flashpoint Collaboration (FPCollab), a TLP Amber information sharing community comprised exclusively of leading intelligence experts across 20 industries.
“When a proof-of-concept (PoC) code for a high-impact vulnerability was released, one of our analysts immediately notified FPCollab, sparking a discussion in which members reciprocated by providing their own PoC code or recommended mitigations,” Lefkowitz continued. “FPCollab members then synergised to fine tune the PoC code, better understand how the vulnerability could be exploited, mitigate the risk it posed to their network environments, and build upon each other’s findings.”
Industry research also indicates that specific use cases are driving purchasing decisions around threat intelligence for enterprises.
In its recent Market Guide for Security Threat Intelligence Products and Services (February 2019), “Gartner continues to strongly advocate on use cases as being the primary outcome that end users must pursue, not a specific source or technology. Pragmatically, use cases and the outcomes they deliver are setting the primary influential direction of this market.” [1]
Request a meeting with one of Flashpoint's intelligence experts to learn more about the enhancements to Flashpoint Intelligence Platform.
[1] Gartner, Market Guide for Security Threat Intelligence Products and Services, Craig Lawson, Ruggero Contu, Ryan Benson, 19 February 2019 
About Flashpoint
Flashpoint delivers converged intelligence and risk solutions to private and public sector organisations worldwide. As the global leader in Business Risk Intelligence (BRI), Flashpoint provides meaningful intelligence to assist organisations in combating threats and adversaries. Through sophisticated technology, advanced data collections, and human-powered analysis, Flashpoint is the only intelligence firm that can help multiple teams across an organisation bolster cybersecurity, confront fraud, detect insider threats, enhance corporate and physical security, improve executive protection, address third-party risk, and support due diligence efforts. Flashpoint is backed by Georgian Partners, Greycroft Partners, TechOperators, K2 Intelligence, Jump Capital, Leaders Fund, Bloomberg Beta, and Cisco Investments. For more information, visit https://www.flashpoint-intel.com or follow us on Twitter at @FlashpointIntel.
 

OutSystems Joins Forces with the Manufacturing Technology Centre to Accelerate the UK's Industrial Growth

Membership in innovation hub enables OutSystems to drive low-code adoption in manufacturing sector
LONDON – 17th April 2019OutSystems, provider of the number one low-code platform for rapid application development, today announced that it has joined the Manufacturing Technology Centre (MTC), enabling it to deliver cutting-edge innovation through its low-code application development platform to the UK’s biggest manufacturers.
The MTC is an innovation hub that develops manufacturing processes and technologies in an agile, low risk environment. OutSystems collaboration with the MTC will enable it to work alongside manufacturing powerhouses such as Rolls-Royce, Airbus, Unilever, BAE Systems, and Siemens.
Nick Pike, VP UK&I, OutSystems, comments: “Right now there is pent up demand within manufacturers who are trying to introduce web, mobile, and IoT-connected apps across the sector but are being hampered by slow processes and legacy systems. As a result, development teams are seeking ways to innovate faster, and drive digital transformation projects forward quickly, without being encumbered by traditional environments and ways of working.”
OutSystems foothold in the manufacturing sector will allow development teams to innovate at a much quicker rate and far more cost-effectively than previously, enabling them to build enterprise-grade applications in the following areas:
  • Internet of Things (IoT)/Industry 4.0
  • Artificial Intelligence technology
  • Mobile apps for production line, field service and logistics staff
  • Systems of engagement for customers, staff and business partners
  • Manufacturing Execution Systems (MES)
  • Legacy modernisation
“Bringing OutSystems low-code platform to organisations within the MTC provides this sector with a great opportunity to develop applications in a faster and more cost-effective way. We’re truly excited to be part of the MTC, helping to drive forward the UK’s global leading role in the manufacturing sector and deliver competitive advantage, which has never been more important than it is today,” adds Nick Pike.
As a member of the MTC, OutSystems will be able to commission its own fully-funded projects, as well as engage in MTC’s Core Research Programme, which provides access to an annual collaborative research scheme worth more than £2m+, where research outputs are shared. This will enable OutSystems to demonstrate the value of low-code as the Centre experiments with different methods of bringing products to market, all in a cost-efficient way.
The MTC is also actively engaged in external research programmes with Innovate UK and Horizon2020. OutSystems’ membership provides an ideal opportunity to bid for major R&D projects in the UK and worldwide manufacturing sector, opening up further collaborative opportunities with the biggest players in the industry.
Craig Stevens, Chief Digital Engineer at the MTC added: “It’s fantastic to have OutSystems join the MTC. As a global leader in low-code rapid application development, its knowledge and experience will only benefit our wider-partner network. We look forward to further strengthening this relationship in the future.”
- ENDS -
About OutSystems
Thousands of customers worldwide trust OutSystems, the number one low-code platform for rapid application development. Engineers with an obsessive attention to detail crafted every aspect of the OutSystems platform to help organisations build enterprise-grade apps and transform their business faster.
OutSystems is the only solution that combines the power of low-code development with advanced mobile capabilities, enabling visual development of entire applications that easily integrate with existing systems.
Visit us at www.outsystems.com, or follow us on Twitter @OutSystems or LinkedIn at https://www.linkedin.com/company/outsystems.

OutSystems Recognised as a 2019 Top Rated Low-Code Platform for the Third Year in a Row by TrustRadius

LONDON - 9th April 2019 - OutSystems, provider of the number one platform for low-code rapid application development, today announced that it has been named a 2019 Top Rated Low-Code Platform by TrustRadius, the most trusted site for business technology B2B software reviews.
This distinction, based entirely on the feedback and rating from end users, evaluates the likelihood-to-recommend ratings and evaluation frequency by buyers. OutSystems was named one of the best low-code software platforms with a score of 8.9 out of 10 among 125 reviews as of April 3, 2019.
“OutSystems has earned a Top Rated Low-Code Development Platform award from TrustRadius based directly on customer feedback,” said Megan Headley, VP of Research at TrustRadius. “Reviewers love OutSystems for its solid multi-platform development capabilities, strong community support and interaction, and rapid advancement of developer skills.”
Steve Rotter, CMO of OutSystems, also highlighted the importance of this recognition: “This is the third year in a row that we’ve been recognised as a Top Rated Low-Code Platform. We’re constantly working to make sure OutSystems is the platform our customers trust to innovate, generate revenue, and improve productivity. This recognition and all the great reviews that led to it are a validation from real users that OutSystems provides true value to their business and that our customers are happy customers.”
Here are some of the reviews listed on TrustRadius about OutSystems:
“Significantly reduced time to market for both Mobile and Web applications. Ability to upskill developers far quicker than with most development environments. Enterprise-grade infrastructure and hosting out-of-the-box.” (Web and Enterprise Team Lead, Computer Software industry)
“The ease of use of the OutSystems platform has been the biggest ROI for us. We have developed our Framework product and maintained/enhanced it with only four workers. OutSystems has enhanced their product very significantly over the last four years. They have gone from a simple to use tool to a sophisticated tool that covers the standard mainframe-based computing apps.” (CIO, Computer Software industry)
“Our old, legacy system didn’t serve our needs anymore and it wasn’t flexible at all. With OutSystems, we are building a new one from scratch. Two of us are new to OutSystems (and IT) and learned to use it in a few months. We hired three external experts to build and teach the juniors, so we could start building and delivering value immediately.” (Student Supervisor, Non-Profit Organisation).
This is the third customer distinction OutSystems has received in less than a year. At the end of 2018, it was also named a Customers’ Choice by Gartner Peer Insights in two market categories: Mobile Application Development and Enterprise High-Productivity Application Platform as a Service.
This recognition by TrustRadius reinforces the position of OutSystems in the market, which has also just been named a Leader in the Forrester Wave: Low-Code Development Platforms for AD&D Professionals report.
To see all the reviews on TrustRadius, visit their OutSystems profile. To see what customers are saying on the other review sites, visit OutSystems’ Happy Customers page.
About TrustMap™
The TrustMap™ is a visual depiction of the best software products as rated by users on TrustRadius within each market segment. TrustRadius does not endorse any vendor, product, or service depicted in its TrustMaps and does not advise software users to select only those vendors with the highest ratings.
About OutSystems
Thousands of customers worldwide trust OutSystems, the number one low-code platform for rapid application development. Engineers with an obsessive attention to detail crafted every aspect of the OutSystems to help organisations build enterprise-grade apps and transform their business faster. OutSystems is the only solution that combines the power of low-code development with advanced mobile capabilities, enabling visual development of entire application portfolios that easily integrate with existing systems. Visit us at www.outsystems.com or follow us on Twitter @OutSystems or LinkedIn.