News

Nobody questions whether cybersecurity’s relevance has skyrocketed in recent years. The frequency of attacks and the amount of damage attacks can inflict have both risen exponentially. Across all industries, big and small companies are scattering for solutions to protect their highly sensitive information from these new threats.

This has forced cybersecurity experts around the world to play a freshly dealt hand: cybersecurity risks are at an all time high, and they have potential to cause more damage than ever before. Regarding which industry you work in, the attacks can be indiscriminate. Nobody is safe. This has given a rise to innovative solutions to curb or outright stop attacks dead in their tracks.

Here are some observations we have seen thus far in 2017:

A new Forrester report from top cybersecurity analysts reported that companies such as Siemplify, Hexadite, and Cybersponse are promoting industry shifting philosophies. They operate on this sort of premise: with an increased frequency of attacks and their intricacy, it is nearly impossible to gauge the actual threat being posed by each alert that comes through your system. You simply do not have the resources, or as mentioned earlier, the workforce, to adequately scrub through each alert coming across your desk. It takes a new kind of outlook to be able to tackle the issue at hand, and the answer is not so black and white. The only good solution is one that takes all the good from each cybersecurity defense tactic and combining it into one, or better known as orchestration.

Short-staffed, more than half of organizations admit they ignore alerts that should be investigated because they lack resources to handle the overflow.

Strained by the cybersecurity skills shortage, 54 percent of respondents to a new survey say they are forced to ignore security alerts worthy of further investigation, because they don’t have the staff and expertise to handle them

The Enterprise Strategy Group (ESG) surveyed 150 IT and cybersecurity pros with knowledge of, or responsibility for, enterprise security. In the study, released today, they discovered security operations has become a “bottleneck” as challenges in people, processes, and technology limit organizations’ ability to handle threats.

oint research with Enterprise Security Group reveals security leaders’ top challenges and their broader implications for security operations

NEW YORK– (BUSINESS WIRE)–Siemplify™, the leader in security orchestration and incident response, today announced the release of a new Enterprise Security Group (ESG) Research Report. In early 2017, ESG and Siemplify launched a joint research effort to better understand the complex challenges and priorities that security operations leaders are navigating this year.

Surveying 150 cybersecurity professionals across a variety of verticals, the extensive study sheds new light on the growing needs of security operations. Though organizations have spent resources on and deployed more detection systems, there is now a developing need to shift their focus to achieving efficient and rapid response times, making it clear that manual and unstructured triage and response processes are one of the main factors hampering efficient response. Organizations were furthermore overwhelmed by the amount of security alert data and also struggle with the cybersecurity industry’s ongoing staff and skill shortage.

NEW YORK–(BUSINESS WIRE)–Siemplify™, the leader in security orchestration and automation, today announced the expansion of its Executive Team with the addition of Miguel Carrero as Executive Vice President of Strategy and Business Development. Having recently served as a key advisor to Siemplify and accompanied by decades of enterprise software and cyber-security leadership experience, Miguel will help strengthen Siemplify’s position as a leader in powering security operations for Enterprise and MSSP organizations.

Miguel is a respected voice in the industry and was previously the Worldwide Head of Product and Solutions at ArcSight; a business unit within Enterprise Security Products in HP Software, where he led the ArcSight Products & Solutions portfolio and oversaw its strategic evolution worldwide. As the EVP of Strategy and Business Development, Miguel will oversee strategic partnerships, drive key client relationships and utilize his extensive domain knowledge to help bolster adoption of the ThreatNexus platform globally.

NEW YORK–Siemplify, the leader in threat management and security orchestration today announced the extension of its ThreatNexus platform to the MSSP market.

The challenge of too many alerts, dependence on manual processes, and a shortage of analysts plaguing security operations are helping to drive robust growth in MSSP’s. Yet these challenges are being exacerbated with MSSP’s, leading to higher customer acquisition cost and lower margins. The MSSP market faces some unique challenges; the need to abstract different technology stacks across their client base into a common security orchestration framework, the need to drive efficiency and automation among their analyst team to maintaining profitability, and the need to standardize processes across diverse security teams and customer profiles.

NEW YORK–(BUSINESS WIRE)–Siemplify™, the leader in threat management, security orchestration, and incident response, today announced the expansion of its Advisory Board with the addition of Miguel Carrero. With decades of enterprise software and cyber-security leadership experience, Miguel will help strengthen Siemplify’s position as a leader in powering security operations for Enterprise and MSSP organizations.

30 percent of analysts’ manpower is lost to duplicate alerts. Cyber attacks continue to grow and too many organizations struggle to handle these threats effectively. The number of threats can be overwhelming to analysts and challenging for them to differentiate the legitimate threats from the noise. Siemplify’s research team collected statistics from a typical client over a three month period, analyzing more than 9500 alerts. What the team discovered was startling.

Siemplify™, the leader in security operations and incident response solutions, today announced a $10 million financing round. Building on recent strategic wins among the Fortune 500, the company will use the funds to address growing demand for its ThreatNexus™ platform, which is revolutionizing security operations and incident response for enterprise and managed security service provider (MSSP) customers.

The new funding was led jointly by 83North and G20 Ventures. The round also included notable individual investors: Dave Strohm of Greylock Partners and Alex Daly, founder of Arcsight, among others.

Siemplify’s ThreatNexus is the industry’s leading enterprise security operations platform that seamlessly fuses the security fabric, through proprietary graph architecture, into a single pane of glass. This enables enterprise security operations center (SOC) teams to perform the full spectrum of threat analysis and incident response; from case management and analytics, to hunting, threat intelligence, workflow automation and reporting.

Siemplify launches the Nucleus Channel Partner Program. Leading security channel partners such as INNO4, SeeGee Technologies, RKON, and Gotham Technology Group and others are making Siemplify ThreatNexus available to their customers nationally.

Bill Frank, VP of Security Services for INNO4, explains, “We’ve chosen to partner with Siemplify because the ThreatNexus platform delivers a comprehensive end-to-end security solution that enterprises have been craving. We believe Siemplify provides a crucial capability that inherently changes the way enterprises perform incident response.”

Daniel Lakier, President and CTO of SeeGee Technologies said, “With Siemplify, we see a tremendous opportunity to build a practice around helping customer security operations teams to realize the full value of their security portfolio while ultimately becoming more secure.”

Siemplify is providing partners with extensive training and support to ensure success.

CRN reported on the launch of Siemplify’s Partner Program, an official program with protected margins, deal registration, and engineering enablement

Siemplify currently has five finalized partnerships and an additional 20 are in negotiations.

Bill Frank, Vice President of Security Services of INNO4, one of Siemplify’s partners, described his partner evaluation process, saying, “We’re looking for highly differentiated technology that helps solve a problem, coupled with a good reseller program.”

Siemplify is launching its Nucleus Channel Partner Program to sell more of its ThreatNexus security operations platform by making it available to partners and their customers nationally.

As part of the launch, Siemplify also announced multiple partnerships with security channel partners, including INNO4, SeeGee Technologies, RKON and Gotham Technology Group.

Packetpushers reports that Siemplify has added orchestration to their ThreatNexus software in order to enable greater automation. ThreatNexus helps security teams investigate events and accelerate response times. By adding orchestration, teams can generate workflows to streamline incident management. Additionally, remediation can be automated, such as activating a firewall rule.

Siemplify™ today announced the availability of a new orchestration module for its Siemplify ThreatNexus™ security operations platform, fulfilling the demand for a complete end-to-end SOC solution. ThreatNexus is the industry’s first security operations platform to fully unify the diverse security tools used in organizations, providing SOCs with a comprehensive platform for security operations and incident response, from case management and analytics, to hunting, intelligence, automation and reporting. For the first time, security teams do not need to rely on a patchwork of narrow point solutions to power their SOC. Instead, they can leverage ThreatNexus to deliver the full capabilities needed for the next-generation SOC and reduce incident response times from days to minutes.

“Enterprise security teams are heavily invested in detection tools, yet they struggle to make sense of the deluge of threat data,” said Amos Stern, CEO and co-founder of Siemplify. “The result is that threats linger, and security teams lack context to contain attacks. Our ThreatNexus platform addresses this gap, and our new orchestration module completes our vision, giving security teams added flexibility to define autonomous responses that further cut dwell time.”

ThreatNexus:

Delivers a powerful core engine that fuses disparate security data and tools – creating a unified and highly adaptive contextual model

Provides tightly coupled capabilities across threat management, visual investigation, orchestration, hunting, threat intelligence, reporting and analytics, all purposely built to address the full scope of best practices of a modern SOC

With the addition of the orchestration engine enables a full range of automation capabilities: a playbook to standardize incident management processes; a semi-automatic workflow, such as validation of an incident prior to opening it; or complete automation of incident response

The full scope of the ThreatNexus platform enables response to all types of attacks both autonomously and where human intervention will continue to be required. The result accelerates and improves every phase of the security operation process.

“ThreatNexus has transformed our SOC operations,” said Arieh Shalem, CISO at Partner Telecom. “The ability to connect our historically disparate tools and data to one pane of glass has enabled us to shorten the time from detection to mitigation from weeks to minutes. ThreatNexus is increasingly the primary tool our team relies on to power our SOC.”

Startup Siemplify is giving users the ability to build an automated playbook of responses to network intrusions.

The company is announcing general availability of an orchestration feature for ThreatNexus, its security operations platform. Orchestration had been available in beta; today’s announcement makes the feature more official.

Editor’s note: Siemplify today announced the availability of a new orchestration module for its ThreatNexus™ security operations platform, fulfilling the demand for a complete end-to-end solution for security operations centers (SOCs). ThreatNexus is the industry’s first security operations platform to fully unify the diverse security tools used in organizations, providing SOCs with a comprehensive platform for security operations and incident response, from case management and analytics to hunting, intelligence, automation and reporting.

I spoke with Amos Stern, Siemplify’s CEO and co-founder, about the platform’s benefits and how it impacts security in the Internet of Things

Besides being the first end-to-end solution for security operations centers, how does the ThreatNexus platform change the security tools landscape?

Amos Stern: The current landscape is mostly patches of tools. Historically, companies acquired point solutions and had a best-of-breed kind of architecture. Detection systems evolved, and new technology vectors were introduced such as mobile devices, the Internet of Things and cloud. So companies needed to buy a mobile security solution and a cloud security solution. But there is no silver bullet that can protect organizations, so many organizations now have 50 or even 70 different security tools, each focused on a different aspect of the organization. While this was a feasible architecture when organizations had only a firewall and antivirus solution, this is becoming a very unfeasible situation to manage

Bloomberg invites Siemplify CEO, Amos Stern, to address cyber threats, why they are escalating and how companies can protect themselves. He talks with Cory Johnson and Carol Massar about how Siemplify changes the landscape and stands out from other cyber security businesses that all sound the same.

Most companies don’t lack for security products—and that’s become a problem. Firewalls, IDS/IPSs, AV, and a host of other systems generate tons of logs and alerts, forcing security operators and admins to sift through piles of notifications to find relevant information during investigations.

Security Information and Event Management (SIEM) products came to market around 15 years ago to help with information overload by correlating events among disparate security devices, but they haven’t always delivered on their promise of greater visibility.

Network World reports that Siemplify lauches its threat analysis platform and highlights its seamless integration of existing security tools.

Israeli cyber security startup Siemplify has raised $4 million. The investors include 83North Venture Capital (formerly Greylock IL) and angel investors David Strohm (Partner, Greylock Partners), Alex Pinchev (Rackspace president Global Sales and Marketing), Alex Daly, (former ArcSight founder and CEO), Tom Kilroy (EVP Intel), and Moti Gutman (Matrix CEO).

Finsmes reports on Siemplify’s successful round of funding, raising $4 million. Investors include: 83North Venture Capital (formerly Greylock IL), David Strohm, Partner, Greylock Partners, and others. Siemplify will use the funds to launch its solution.

Transforming the way enterprises perform cyberthreat analysis, Siemplify emerged from stealth mode today with the first security operations platform to employ the same advanced cybersecurity methodologies used by leading military intelligence organizations.

The Siemplify Threat Analysis Platform automatically correlates security alerts, identifies and prioritizes incidents, and graphically depicts the complete threat chain, setting new standards for time-to-insight and time-to-remediate. The platform acts as a central hub linking an organization’s existing security, threat intelligence and risk management tools, including Splunk and popular SIEMs, effectively improving the return on those investments.

According to a study conducted by HP and the Ponemon Institute, companies need an average of 46 days to resolve a cyberattack. “The problem is not detection per se but discerning the threats hidden in the noise of thousands of alerts generated by the disparate security monitoring systems,” said Amos Stern, CEO and co-founder of Siemplify. “This makes it impossible to see the broader attack chain and identify root cause quickly.”

Israel-founded cyber threat analysis platform Siemplify has come out of stealth by announcing pilots with several companies as well as early adopters in the finance, telecoms, and pharma industries.

The Siemplify Threat Analysis Platform analyses security incidents by priority and creates a context of the threat for the best response. Currently it takes roughly 46 days to resolve a cyberattack, according to a Ponemon Institute study with HP.

“The problem is not detection per se but discerning the threats hidden in the noise of thousands of alerts generated by the disparate security monitoring systems,” said Siemplify CEO Amos Stern. “This makes it impossible to see the broader attack chain and identify root cause quickly.”

Israeli startup Siemplify, which is applying military intelligence tech to enterprise security software, is making its debut in a big way by announcing they have already raised $4 million and are already running cybersecurity trials with several Fortune 50 companies and Israeli banks and telecoms.

Investors include CEO Moti Gutman of Matrix, Exec VP Tom Kilroy of Intel, President Alex Pinchev at Rackspace, David Strohm of Greylock Partners, Alex Daly and 83North Venture Capital. Siemplify is also a product of the fifth batch at the Microsoft Ventures Accelerator in Tel Aviv.

Israeli cybersecurity firm Siemplify said on Thursday it has raised $4 million as it launched its platform that reduces the time between cyber attack identification and resolution.

The company, whose investors include 83North Venture Capital, said it uses real-time graph analysis and methodologies gained from military intelligence.

With millions of cyberattacks being launched against the private sector every day, enterprises can no longer afford to wait weeks for their security teams to manually track down every breach. The latest startup to take a shot at speeding detection times is Siemplify Ltd., which came out of stealth mode today with a threat analysis platform that uses an organization’s existing network monitoring mechanisms in order to identify data leaks.

The software can interface with everything from traditional all-in-one security tracking suites to more modern software like Splunk Inc.’s popular namesake platform for aggregating operational logs. After everything is properly integrated, the records from the different systems are streamed into a centralized repository and correlated to uncover patterns that may not emerge when each data source is examined individually. The approach makes it possible to determine the full scope of an attack and weed out false positives in the process.

Siemplify on Thursday launched its threat analytics platform, which correlates security alerts and prioritizes incidents, out of stealth mode. The company also announced $4 million in seed funding from 83North Venture Capital (formerly Greylock Israel), Greylock Partners partner David Strohm, Rackspace executive Alex Pinchev, ArcSight founder Alex Daly, Intel Executive Vice President Tom Kilroy and Matrix CEO Moti Gutman.

Lessons from building the threat intelligence platform for the Israeli Defence Force form the technical foundations of a new security startup called Siemplify.

Siemplify’s tech is designed to contextualise threat alerts from the disparate array of security technologies on enterprise networks (anti-malware, intrusion detection systems, firewalls and more). Its platform acts as a central hub linking an organisation’s existing security, threat intelligence and risk management tools, including Splunk and other popular (security information and event management systems) SIEMs, before consolidating and correlating alerts.