34th Annual FIRST Conference | Neart Le Chéile - Strength Together
Sponsorship Team
FIRST gratefully acknowledges its conference sponsors & supporters for their contributions to the security community:
Diamond
-
AWS
Our cybersecurity knowledge isn't just based on our internal knowledge and experience, but on what we learn from customer feedback and reports from independent and industry security researchers. We greatly appreciate our partnership with the security community to protect customers around the globe. https://aws.amazon.com/
-
SentinelOne
SentinelOne (https://www.sentinelone.com/), founded in 2013 and headquartered in Mountain View, California, is a publicly-traded (NYSE:S) cybersecurity pioneer delivering autonomous security for endpoints, data centers, and cloud environments to help organizations secure their assets with speed and simplicity.
SentinelOne’s mission is to keep the world running by protecting and securing the core pillars of modern infrastructure: data and the systems that store, process, and share information. As attackers evolve rapidly in their quest to disrupt operations, breach data, turn a profit, and inflict damage, we stay a step ahead by evolving our technology and expertise.
SentinelOne serves Global and Strategic Enterprises, Mid-Market and Small-Medium Sized Businesses (SMBs), the Public Sector, Managed Service Providers (MSPs), and Managed Security Service Provider (MSSP) sales programs to meet the needs of diverse customer profiles. SentinelOne leverages a well-established channel partner and distributor program through which we service thousands of customers.
SentinelOne technology delivers autonomous, AI & machine learning-driven cybersecurity for the endpoints, data centers, and cloud environments of today’s modern enterprises. Our Solutions enable attack prevention, detection, response, and remediation across all major vectors and encompass these functions and services:
• Extended Detection Response (XDR): Provides extensible ingestion and orchestration data lakes and takes Endpoint Detection Response (EDR) to the next level with platform-native capabilities and powerful integrations that surface actionable context through AI-driven insights. Advanced EDR tooling is available for the most demanding secure operations center and incident response teams.
• Endpoint Platform Protection (EPP): Provides prevention and detection leadership with AI-powered models that defeat the most comprehensive array of attack vectors.
• Cloud Workload Protection Platform (CWPP): Provides Cloud Workload Protection Platform (CWPP) functions within the same centralized SaaS platform: a vital requirement for organizations migrating to cloud service provider-based workloads.
• Network Visibility & Control: Simplifies asset inventory and rogue IoT discovery with endpoint-integrated discovery and defense mechanisms built right into the native codebase, helping organizations gain global network visibility and control with minimal friction.
• Additional security services to complement & augment our platform Solutions, including WatchTower intelligence-led threat hunting, Vigilance Managed Detection & Response, Vigilance Digital Forensics & Incident Response, and Singularity Signal, our open threat intelligence platform. Vigilance enlists our in-house experts to review, act upon, and document every product-identified threat that puts your network and reputation at risk, so you can focus attention and resources on the strategy behind your program.
Below are some common high-level use cases for the SentinelOne Singularity platform:
• Replacement of legacy and next-generation anti-virus solutions
• Replacement of legacy and modern active and/or passive EDR solutions
• Integration with other components of your security stack
• Vendor consolidation projects aimed at reducing architectural complexity
• Vendor consolidation projects aimed at taking an OS or platform-agnostic approach to security
• Complementary security controls alongside other security stack components
-
Uptycs
Uptycs (https://www.uptycs.com/) provides the first unified, cloud-native security analytics platform that enables both endpoint and cloud security from a common solution. The solution provides a unique telemetry-powered approach to address multiple use cases—including Extended Detection & Response (XDR), Cloud Workload Protection (CWPP), and Cloud Security Posture Management (CSPM). Uptycs enables security professionals to quickly prioritize, investigate, and respond to potential threats across a company’s entire attack surface.
The tool suite behind our telemetry-powered approach consists of:
• osquery for hosts, VMs, containers
• kubequery for container orchestration systems
• cloudquery for cloud providers
• saasquery for SaaS applications (coming soon!)
• identityquery for identity providers (coming soon!)
Platinum
-
ENISA
The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004 and strengthened by the EU Cybersecurity Act, the European Union Agency for Cybersecurity contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building and awareness raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure. https://www.enisa.europa.eu/
-
Palo Alto Networks Unit 42
Palo Alto Networks Unit 42 brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization passionate about helping customers more proactively manage cyber risk. With a deeply rooted reputation for delivering industry-leading threat intelligence, Unit 42 has expanded its scope to provide state-of-the-art incident response and cyber risk management services. Our consultants serve as your trusted advisors to assess and test your security controls against the right threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time. Visit www.paloaltonetworks.com/unit42.
-
Torq
Torq is a no-code automation and orchestration platform for security and operations. We empower frontline security teams in their journey to becoming more efficient by allowing them to automate processes using our easy workflow builder, limitless integrations, and numerous prebuilt templates. Built as an enterprise-grade software-as-a-service, Torq can be adopted with ease, delivering results within minutes, unlike traditional security automation solutions that require weeks or months of investment prior to providing value. https://torq.io/
Gold
-
Amazon
It is great to be back at FIRST! At Amazon, we are obsessed with customer trust. Amazon maintains this by guarding the confidentiality and integrity of Amazon and customer data worldwide. Do you want to work on security challenges at unprecedented scale? Our current security career opportunities are listed at https://www.amazon.jobs/en/teams/infosec. We have several opportunities available in global locations such as Dublin, Sydney, Iasi, Bangalore, Tokyo, and several cities in the United States! Talk with us at the Expo! Whether curious about our open positions or just feeling lucky, enter to win a great prize from Amazon! https://www.amazon.jobs/en/teams/infosec
-
Ericsson
Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio spans the business areas Networks, Digital Services, Managed Services and Emerging Business. It is designed to help our customers go digital, increase efficiency and find new revenue streams. Ericsson’s innovation investments have delivered the benefits of mobility and mobile broadband to billions of people globally. Ericsson stock is listed on Nasdaq Stockholm and on Nasdaq New York. https://www.ericsson.com
-
LinkedIn
Founded in 2003, LinkedIn connects the world's professionals to make them more productive and successful. With more than 774 million members worldwide, including executives from every Fortune 500 company, LinkedIn is the world's largest professional network. The company has a diversified business model with revenue coming from Talent Solutions, Marketing Solutions, Sales Solutions and Premium Subscriptions products. Headquartered in Silicon Valley, LinkedIn has offices across the globe. https://www.linkedin.com/
-
Tines
Built by security practitioners, Tines is a powerful automation platform that enables security teams to focus on high-impact work. Tines bypasses the need for technical skills and delivers powerful automation straight into the hands of security teams. Tines connects every tool in your workflow in one place. Tines provides deeper incident investigation and response and only involves an analyst when a real threat is identified, allowing them to refocus on more impactful company-specific risk-reduction. Tines is designed from the ground-up to integrate with any external system without having to build an ‘integration’ and is 100% vendor-agnostic. https://www.tines.com/
Silver
-
Conceal
Conceal enables organizations to protect the privacy and security of identities and systems by intelligently selecting and obscuring global network pathways on the Internet. Our next generation zero trust technology with roots in the Intelligence Community is used by Fortune 500 organizations globally to ensure their cyber operations remain secure, anonymous, and non-attributable. For more information, visit https://conceal.io/.
-
Fortinet
Fortinet® (NASDAQ: FTNT) is a global leader in broad, integrated and automated cyber security solutions to CSPs around the world. Fortinet’s security solutions and ecosystem deliver security that is tailored for and integrates with the current and evolving infrastructure and technologies of today’s Mobile Network Operators and Managed Service Providers. https://www.fortinet.com
-
Group-IB
Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection. Group-IB is an active collaborator in global investigations led by international law enforcement organizations, such as Europol and INTERPOL. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security created in order to foster closer cooperation between Europol and its leading non-law enforcement partners. Group-IB's experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB's mission is to protect its clients in cyberspace daily, creating and leveraging innovative solutions & services. https://www.group-ib.com/
-
Joe Security
Joe Security develops Joe Sandbox, one of the most advanced automated, deep and interactive malware analysis engines on the market. With a unique multi-technology approach, Joe Sandbox enables security specialists to detect and analyze threats on Windows, macOS, Linux, Android and iOS operating systems. It provides an excellent detection rate, unmatched in-depth analysis and evasion resistance. https://www.joesecurity.org/#
-
Mandiant
Since 2004, Mandiant® has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats. https://www.mandiant.com/
-
OTRS
OTRS Group is the manufacturer and the world's largest provider of the enterprise service management suite OTRS, awarded with the SERVIEW CERTIFIED TOOL seal of approval. It offers companies industry-independent solutions for structured communication in customer service, IT service management and security management. In addition to the core product OTRS, the security solutions STORM and CONTROL ensure efficient cybersecurity incident management and transparent documentation in accordance with standards such as ISO 27001. For more, visit: https://www.otrs.com
Bronze
-
Cybereason
Cybereason is the champion for today’s cyber defenders, delivering future-ready attack protection that extends beyond the endpoint with Cybereason XDR powered by Google Chronicle. It’s the world’s first true XDR, providing planetary-scale protection to anticipate, expose, and defeat the entire malicious operation. By combining Cybereason’s undefeated defense platform with Google Chronicle’s unmatched speed and scale, Cybereason XDR tilts the scales of history and arms every defender with the weapon they’ve been waiting for. https://www.cybereason.com/
-
DomainTools
DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network and connect them with nearly every active domain on the Internet. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. https://www.domaintools.com/
-
Google
Google is a global technology leader focused on improving the ways people connect with information. Google Security Engineering builds secure software solutions, conducts cutting-edge research on the diverse security and privacy needs of users and uses a wealth of tools, languages, and frameworks — including advanced cryptographic techniques and machine learning. https://www.google.com
-
Intezer
Intezer Analyze is an all-in-one malware analysis platform, helping incident response and SOC teams streamline the investigation of any malware-related incident. Classify suspicious files and machines in seconds, accelerate response time, and consolidate multiple malware analysis tools into one. For more information, visit www.intezer.com/intezer-analyze or follow the company on Twitter at @IntezerLabs. https://www.intezer.com/intezer-analyze
-
Recorded Future
Recorded Future is the world’s largest provider of intelligence for enterprise security. By combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future delivers intelligence that is timely, accurate, and actionable. Recorded Future is trusted by over 1,000 businesses and government organisations around the world. https://www.recordedfuture.com/
-
Threatray
Threatray is a novel analytics and intelligence platform for malware threat identification & detection, hunting, response and analysis. Threatray helps security teams of all skill levels to effectively identify and analyse ongoing and past compromises. All of Threatray's capabilities are resilient to code mutations which are routinely used to evade existing technologies. https://www.threatray.com
Sponsor Showcase Reception
-
SecureWorks
Secureworks is a global cybersecurity leader that protects customer progress with Secureworks® Taegis™, a cloud-native security operations and analytics platform built on 20+ years of real-world threat intelligence and research, improving customers' ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions. https://www.secureworks.com/
Champions, Partners, & Supporting Sponsors
-
CIRCL - Lanyard Sponsor
The Computer Incident Response Center Luxembourg (CIRCL) is a government-driven initiative designed to gather, review, report and respond to computer security threats and incidents. CIRCL is operated by SMILE - “security made in Lëtzebuerg” GIE, which is also the host organization for CASES and the Cyber Competence Center (C3) of Luxembourg. https://circl.lu/
-
Hitachi - Challenge Coin Sponsor
Hitachi proceeds with the development of new technologies and products that respond to the increasing demand for safety and security in the Social Innovation Business. http://www.hitachi.com/
-
Intezer - Tee Shirt
Intezer Analyze is an all-in-one malware analysis platform, helping incident response and SOC teams streamline the investigation of any malware-related incident. Classify suspicious files and machines in seconds, accelerate response time, and consolidate multiple malware analysis tools into one. For more information, visit www.intezer.com/intezer-analyze or follow the company on Twitter at @IntezerLabs. https://www.intezer.com/intezer-analyze
-
OASIS - FIRST Partner
OASIS is a nonprofit consortium that advances open standards and open source development on a global scale. We're the home of KMIP, STIX, TAXII, OpenC2, PKCS#11, SAML and CACAO course-of-action playbooks. Among many open source projects is our Open Cybersecurity Alliance (OCA). OCA is building an open ecosystem where cybersecurity products interoperate without the need for customized integrations. Any initiative for developing code, APIs, specifications, or reference implementations can find a home at OASIS. Each project operates independently under industry-approved process and IPR policies. New work is encouraged, and all are welcome to participate. OASIS members can be found in 100+ countries on virtually every continent. Major multinational companies, SMEs, government agencies, universities, research institutions, consulting groups, and individuals are represented. http://www.oasis-open.org
-
Resecurity - Champion
Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence. Known for providing best-of-breed data-driven intelligence solutions, Resecurity's services and platforms focus on early-warning identification of data breaches and comprehensive protection against cybersecurity risks. Founded in 2016, it has been globally recognized as one of the world's most innovative cybersecurity companies with the sole mission of enabling organizations to combat cyber threats regardless of how sophisticated they are. Most recently, Resecurity was named as one of the Top 10 fastest-growing private cybersecurity companies in Los Angeles, California by Inc. Magazine.
To learn more about Resecurity, visit https://resecurity.com.
-
University College Dublin - Champion
The UCD MSc Cybersecurity is a part-time blended learning course preparing IT professionals for careers in cybersecurity. Lectures are online, complemented by occasional full-day workshops on campus, allowing for flexible learning but with face-to-face interactions. It will help upskill professionals to protect their organisations, customers and the public. https://www.ucd.ie/cs
Local Host
-
NCSC Ireland
The National Cyber Security Centre (NCSC) was founded in 2011 and is an operational arm of the Department of the Environment, Climate and Communications (DECC). The NCSC is responsible for advising and informing Government IT and Critical National Infrastructure providers of current threats and vulnerabilities associated with network information security. The main roles of the NCSC are to lead in the management of major cyber security incidents across government, provide guidance and advice to citizens and businesses on major cyber security incidents, and develop strong international relationships in the global cyber security community for the purposes of information sharing. In the period since 2011, the unit has focused its efforts on building capacity and establishing a stable base for its operational work. The NCSC encompasses the State’s National/Governmental Computer Security Incident Response Team (CSIRT-IE). CSIRT-IE is an internationally accredited response team with its main function being the enhancement of situational awareness for constituents and for the provision of incident response for national cyber security incidents. CSIRT-IE has initially focused on the State sector and acts as a national point of contact for all cyber security matters concerning Ireland. https://www.ncsc.gov.ie/
Our Exhibitors
-
Amazon
It is great to be back at FIRST! At Amazon, we are obsessed with customer trust. Amazon maintains this by guarding the confidentiality and integrity of Amazon and customer data worldwide. Do you want to work on security challenges at unprecedented scale? Our current security career opportunities are listed at https://www.amazon.jobs/en/teams/infosec. We have several opportunities available in global locations such as Dublin, Sydney, Iasi, Bangalore, Tokyo, and several cities in the United States! Talk with us at the Expo! Whether curious about our open positions or just feeling lucky, enter to win a great prize from Amazon! https://www.amazon.jobs/en/teams/infosec
-
AWS
Our cybersecurity knowledge isn't just based on our internal knowledge and experience, but on what we learn from customer feedback and reports from independent and industry security researchers. We greatly appreciate our partnership with the security community to protect customers around the globe. https://aws.amazon.com/
-
Arctic Security
Cyber attacks are not victimless crimes. Arctic Security helps CERTs and National Cyber Security Centers automate victim notification at scale to their constituents. Automated victim notification is now easy to set up and to operate. Please contact us to learn how you can start helping organizations in your country. https://www.arcticsecurity.com/
-
Bank of America
As one of the world’s leading financial institutions, we support 66 million customers in finance, from individuals, to businesses, governments and institutions. With a 200,000-strong workforce in more than 35 countries, you’ll find us all over the world, from the Americas to Europe, the Middle East & Africa and Asia, helping to make our customers' lives better. And, we care about supporting our colleagues across the globe as much as our customers. In 2021, we were ranked as one of the “100 Best Companies to Work For” for the third consecutive year by Fortune magazine and the global research and consulting firm Great Place to Work®. https://www.bankofamerica.com/
-
Conceal
Conceal enables organizations to protect the privacy and security of identities and systems by intelligently selecting and obscuring global network pathways on the Internet. Our next generation zero trust technology with roots in the Intelligence Community is used by Fortune 500 organizations globally to ensure their cyber operations remain secure, anonymous, and non-attributable. For more information, visit https://conceal.io/.
-
CTM360
CTM360 is a global Digital Risk Protection Platform. Trusted by 150+ banks and financial institutions, CTM360 detects, manages and responds to threats and vulnerabilities across the Surface, Deep & Dark web. CTM360 seamlessly consolidates external attack surface management, cyber threat intelligence, cybersecurity risk scoring, third-party vendor monitoring, brand protection / anti-phishing, unlimited takedowns and more. https://www.ctm360.com/
-
Cybereason
Cybereason is the champion for today’s cyber defenders, delivering future-ready attack protection that extends beyond the endpoint with Cybereason XDR powered by Google Chronicle. It’s the world’s first true XDR, providing planetary-scale protection to anticipate, expose, and defeat the entire malicious operation. By combining Cybereason’s undefeated defense platform with Google Chronicle’s unmatched speed and scale, Cybereason XDR tilts the scales of history and arms every defender with the weapon they’ve been waiting for. https://www.cybereason.com/
-
EclecticIQ
EclecticIQ is a global provider of threat intelligence, hunting and response technology and services. Stay ahead of rapidly evolving threats and outmaneuver your adversaries by embedding Intelligence at the core™ of your cyberdefenses with our open and extensible cybersecurity platform and ecosystem. The most targeted organizations in the world – including governments and large enterprises – use our platform to operationalize threat intelligence, enable threat hunting, detection and response, and accelerate collaboration. Founded in 2014, EclecticIQ is a leading European cybersecurity vendor operating worldwide with offices and teams across Europe and UK, North America, India and via value-add partners. https://www.eclecticiq.com
-
Ericsson
Ericsson enables communications service providers to capture the full value of connectivity. The company’s portfolio spans the business areas Networks, Digital Services, Managed Services and Emerging Business. It is designed to help our customers go digital, increase efficiency and find new revenue streams. Ericsson’s innovation investments have delivered the benefits of mobility and mobile broadband to billions of people globally. Ericsson stock is listed on Nasdaq Stockholm and on Nasdaq New York. https://www.ericsson.com
-
ENISA
The European Union Agency for Cybersecurity, ENISA, is the Union’s agency dedicated to achieving a high common level of cybersecurity across Europe. Established in 2004 and strengthened by the EU Cybersecurity Act, the European Union Agency for Cybersecurity contributes to EU cyber policy, enhances the trustworthiness of ICT products, services and processes with cybersecurity certification schemes, cooperates with Member States and EU bodies, and helps Europe prepare for the cyber challenges of tomorrow. Through knowledge sharing, capacity building and awareness raising, the Agency works together with its key stakeholders to strengthen trust in the connected economy, to boost resilience of the Union’s infrastructure, and, ultimately, to keep Europe’s society and citizens digitally secure. https://www.enisa.europa.eu/
-
Google
Google is a global technology leader focused on improving the ways people connect with information. Google Security Engineering builds secure software solutions, conducts cutting-edge research on the diverse security and privacy needs of users and uses a wealth of tools, languages, and frameworks — including advanced cryptographic techniques and machine learning. https://www.google.com
-
Group-IB
Group-IB is one of the leading providers of solutions dedicated to detecting and preventing cyberattacks, identifying online fraud, investigation of high-tech crimes and intellectual property protection. Group-IB is an active collaborator in global investigations led by international law enforcement organizations, such as Europol and INTERPOL. Group-IB is also a member of the Europol European Cybercrime Centre’s (EC3) Advisory Group on Internet Security created in order to foster closer cooperation between Europol and its leading non-law enforcement partners. Group-IB's experience in threat hunting and cyber intelligence has been fused into an ecosystem of highly sophisticated software and hardware solutions designed to monitor, identify, and prevent cyberattacks. Group-IB's mission is to protect its clients in cyberspace daily, creating and leveraging innovative solutions & services. https://www.group-ib.com/
-
Intel 471
Intel 471 empowers enterprises and government agencies to win the cyber security war. Clients across the globe trust our TITAN platform to deliver intelligence about the latest malicious actors, relationships, threat patterns, and imminent attacks. https://intel471.com/
-
Intezer
Intezer Analyze is an all-in-one malware analysis platform, helping incident response and SOC teams streamline the investigation of any malware-related incident. Classify suspicious files and machines in seconds, accelerate response time, and consolidate multiple malware analysis tools into one. For more information, visit www.intezer.com/intezer-analyze or follow the company on Twitter at @IntezerLabs. https://www.intezer.com/intezer-analyze
-
Joe Security
Joe Security develops Joe Sandbox, one of the most advanced automated, deep and interactive malware analysis engines on the market. With a unique multi-technology approach, Joe Sandbox enables security specialists to detect and analyze threats on Windows, macOS, Linux, Android and iOS operating systems. It provides an excellent detection rate, unmatched in-depth analysis and evasion resistance. https://www.joesecurity.org/#
-
Mandiant
Since 2004, Mandiant® has been a trusted partner to security-conscious organizations. Effective security is based on the right combination of expertise, intelligence, and adaptive technology, and the Mandiant Advantage SaaS platform scales decades of frontline experience and industry-leading threat intelligence to deliver a range of dynamic cyber defense solutions. Mandiant’s approach helps organizations develop more effective and efficient cyber security programs and instills confidence in their readiness to defend against and respond to cyber threats. https://www.mandiant.com/
-
Mitiga
Organizations rely on Mitiga technology and services to lower the impact of cyber breaches and optimize their cloud security incident readiness and resilience by dramatically accelerating investigation, response, and time to recovery for cloud and hybrid environments. https://www.mitiga.io/
-
NCSC Ireland
The National Cyber Security Centre (NCSC) is an operational arm of the Department of the Environment, Climate and Communications (DECC). The NCSC is responsible for advising and informing Government IT and Critical National Infrastructure providers of current threats and vulnerabilities associated with network information security. The main roles of the NCSC are to lead in the management of major cyber security incidents across government, provide guidance and advice to citizens and businesses on major cyber security incidents, and develop strong international relationships in the global cyber security community for the purposes of information sharing. https://www.ncsc.gov.ie/
-
NRD Cyber Security
NRD Cyber Security helps nations and organizations enhance their cyber resilience. The company specializes in the establishment and modernization of cybersecurity teams (CSIRTs) and security operations centers (SOCs) as well as cyber threat intelligence and NDR solutions. https://www.nrdcs.lt/
-
OTRS
OTRS Group is the manufacturer and the world's largest provider of the enterprise service management suite OTRS, awarded with the SERVIEW CERTIFIED TOOL seal of approval. It offers companies industry-independent solutions for structured communication in customer service, IT service management and security management. In addition to the core product OTRS, the security solutions STORM and CONTROL ensure efficient cybersecurity incident management and transparent documentation in accordance with standards such as ISO 27001. For more, visit: https://www.otrs.com
-
Palo Alto Networks Unit 42
Palo Alto Networks Unit 42 brings together world-renowned threat researchers with an elite team of incident responders and security consultants to create an intelligence-driven, response-ready organization passionate about helping customers more proactively manage cyber risk. With a deeply rooted reputation for delivering industry-leading threat intelligence, Unit 42 has expanded its scope to provide state-of-the-art incident response and cyber risk management services. Our consultants serve as your trusted advisors to assess and test your security controls against the right threats, transform your security strategy with a threat-informed approach, and respond to incidents in record time. Visit https://paloaltonetworks.com/unit42.
-
Quarkslab
Quarkslab is a company specialised in information security R&D, consulting and software development. Our expertise combines offensive and defensive security in application protection and helps organisations adopt a new security posture: Force the attackers, not the defender, to adapt constantly. Through our consulting services as well as our software we provide tailored solutions to organisations, helping them protect their assets, sensitive data, and users against increasingly sophisticated attacks. https://www.quarkslab.com
-
Recorded Future
Recorded Future is the world’s largest provider of intelligence for enterprise security. By combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future delivers intelligence that is timely, accurate, and actionable. Recorded Future is trusted by over 1,000 businesses and government organisations around the world. https://www.recordedfuture.com/
-
SecureWorks
Secureworks is 100% focused on cybersecurity. In fact, it’s all we do. For nearly two decades, we’ve committed to fighting the adversaries in all their forms and ensuring that organizations like yours are protected. Secureworks® Taegis™, a cloud-native security analytics platform built on 20+ years of real-world threat intelligence and research, improves your ability to detect advanced threats, streamline and collaborate on investigations, and automate the right actions. https://www.secureworks.com/
-
SentinelOne
SentinelOne (https://www.sentinelone.com/), founded in 2013 and headquartered in Mountain View, California, is a publicly-traded (NYSE:S) cybersecurity pioneer delivering autonomous security for endpoints, data centers, and cloud environments to help organizations secure their assets with speed and simplicity.
SentinelOne’s mission is to keep the world running by protecting and securing the core pillars of modern infrastructure: data and the systems that store, process, and share information. As attackers evolve rapidly in their quest to disrupt operations, breach data, turn a profit, and inflict damage, we stay a step ahead by evolving our technology and expertise.
SentinelOne serves Global and Strategic Enterprises, Mid-Market and Small-Medium Sized Businesses (SMBs), the Public Sector, Managed Service Providers (MSPs), and Managed Security Service Provider (MSSP) sales programs to meet the needs of diverse customer profiles. SentinelOne leverages a well-established channel partner and distributor program through which we service thousands of customers.
SentinelOne technology delivers autonomous, AI & machine learning-driven cybersecurity for the endpoints, data centers, and cloud environments of today’s modern enterprises. Our Solutions enable attack prevention, detection, response, and remediation across all major vectors and encompass these functions and services:
• Extended Detection Response (XDR): Provides extensible ingestion and orchestration data lakes and takes Endpoint Detection Response (EDR) to the next level with platform-native capabilities and powerful integrations that surface actionable context through AI-driven insights. Advanced EDR tooling is available for the most demanding secure operations center and incident response teams.
• Endpoint Platform Protection (EPP): Provides prevention and detection leadership with AI-powered models that defeat the most comprehensive array of attack vectors.
• Cloud Workload Protection Platform (CWPP): Provides Cloud Workload Protection Platform (CWPP) functions within the same centralized SaaS platform: a vital requirement for organizations migrating to cloud service provider-based workloads.
• Network Visibility & Control: Simplifies asset inventory and rogue IoT discovery with endpoint-integrated discovery and defense mechanisms built right into the native codebase, helping organizations gain global network visibility and control with minimal friction.
• Additional security services to complement & augment our platform Solutions, including WatchTower intelligence-led threat hunting, Vigilance Managed Detection & Response, Vigilance Digital Forensics & Incident Response, and Singularity Signal, our open threat intelligence platform. Vigilance enlists our in-house experts to review, act upon, and document every product-identified threat that puts your network and reputation at risk, so you can focus attention and resources on the strategy behind your program.
Below are some common high-level use cases for the SentinelOne Singularity platform:
• Replacement of legacy and next-generation anti-virus solutions
• Replacement of legacy and modern active and/or passive EDR solutions
• Integration with other components of your security stack
• Vendor consolidation projects aimed at reducing architectural complexity
• Vendor consolidation projects aimed at taking an OS or platform-agnostic approach to security
• Complementary security controls alongside other security stack components
-
Semperis
For security teams defending hybrid and multi-cloud environments, Semperis ensures integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing Active Directory, Semperis’ technology protects over 40 million identities from cyberattacks, data breaches, and operational errors. https://www.semperis.com
-
Thinkst Canary
Most companies discover they've been breached way too late. Thinkst Canary fixes this: just 3 minutes of setup and no ongoing overhead and you too can detect attackers long before they dig in. https://canary.tools/
-
Threatray
Threatray is a novel analytics and intelligence platform for malware threat identification & detection, hunting, response and analysis. Threatray helps security teams of all skill levels to effectively identify and analyse ongoing and past compromises. All of Threatray's capabilities are resilient to code mutations which are routinely used to evade existing technologies. https://www.threatray.com
-
Tines
Built by security practitioners, Tines is a powerful automation platform that enables security teams to focus on high-impact work. Tines bypasses the need for technical skills and delivers powerful automation straight into the hands of security teams. Tines connects every tool in your workflow in one place. Tines provides deeper incident investigation and response and only involves an analyst when a real threat is identified, allowing them to refocus on more impactful company-specific risk-reduction. Tines is designed from the ground-up to integrate with any external system without having to build an ‘integration’ and is 100% vendor-agnostic. https://www.tines.com/
-
Torq
Torq is a no-code automation and orchestration platform for security and operations. We empower frontline security teams in their journey to becoming more efficient by allowing them to automate processes using our easy workflow builder, limitless integrations, and numerous prebuilt templates. Built as an enterprise-grade software-as-a-service, Torq can be adopted with ease, delivering results within minutes, unlike traditional security automation solutions that require weeks or months of investment prior to providing value. https://torq.io/
-
Uptycs
Uptycs (https://www.uptycs.com/) provides the first unified, cloud-native security analytics platform that enables both endpoint and cloud security from a common solution. The solution provides a unique telemetry-powered approach to address multiple use cases—including Extended Detection & Response (XDR), Cloud Workload Protection (CWPP), and Cloud Security Posture Management (CSPM). Uptycs enables security professionals to quickly prioritize, investigate, and respond to potential threats across a company’s entire attack surface.
The tool suite behind our telemetry-powered approach consists of:
• osquery for hosts, VMs, containers
• kubequery for container orchestration systems
• cloudquery for cloud providers
• saasquery for SaaS applications (coming soon!)
• identityquery for identity providers (coming soon!)
-
VMRay
VMRay brings leading threat detection and analysis technologies to enterprises, government agencies and research institutions worldwide. VMRay’s unique monitoring approach has overcome the detection issues of common sandboxing architectures – a breakthrough in automated malware analysis. Effective threat protection starts with effective threat detection. https://www.vmray.com