Endpoint Security and Network Monitoring News for the Week of March 17; Xage Security, ngrok, Hoxhunt, and More
The editors at Solutions Review have curated this list of the most noteworthy endpoint security and network monitoring news for the week of March 17. This curated list features endpoint security and network monitoring vendors such as Xage Security, ngrok, Hoxhunt, and more.
Keeping tabs on all the most relevant endpoint security and network monitoring news can be a time-consuming task. As a result, our editorial team aims to provide a summary of the top headlines from the last month in this space. Solutions Review editors will curate vendor product news, mergers and acquisitions, venture capital funding, talent acquisition, and other noteworthy endpoint security and network monitoring news items.
Endpoint Security and Network Monitoring News for the Week of March 17
Xage Security Selected by Kinder Morgan for Critical Infrastructure Protection
Xage Security, an OT security solutions provider, this week announced that Kinder Morgan has selected Xage’s zero trust access and data security products to enhance critical infrastructure resilience. With Xage, KMI has a team of experts steeped in cyber hardening and regulatory compliance for IT and Operational Technology (OT) infrastructure. As one of the largest energy infrastructure companies in North America, KMI operates or has an interest in approximately 82,000 miles of pipelines that transport 40 percent of the natural gas in the U.S., as well as 140 terminals that store and handle renewable fuels, petroleum products, vegetable oils and other materials.
New Relic Announces JFrog Integration
New Relic, a cybersecurity solutions provider, and JFrog, a DevOps and Software Supply Chain security solutions vendor, announced an integration that gives engineering teams a single point of access to monitor and keep software development operations running efficiently. Using New Relic alongside JFrog provides real-time visibility into CI/CD pipelines, APIs, and web application development workflows, empowering DevOps and security leaders to quickly address software supply chain performance and security issues. The integration is available via New Relic Instant Observability, the largest open ecosystem of integrations with 500+ cloud services, tools, and pre-built resources designed to help engineers with observability.
ngrok Expands Free Access to Security Features
ngrok, an ingress-as-a-service platform, this week announced it has expanded free access to security features. Developers on ngrok’s free plan can now take advantage of webhook validation and the ability to restrict access to services with OAuth. The free plan now includes OAuth integrations with Amazon, Facebook, Twitch, GitHub, GitLab, Google, LinkedIn, and Microsoft. With free webhook validation, developers can easily secure their webhook communications — up to 500 requests a month — with a single command.
Hoxhunt ChatGPT / Cybersecurity Research: “Human-Made Phishing Still More Successful than AI-Made”
Hoxhunt, a risk management and behavioral cybersecurity solutions provider, this week released a research report that analyzes the effectiveness of ChatGPT-generated phishing attacks. The study, which analyzed more than 53,000 email users in over 100 countries, compare the win-rate on simulated phishing attacks created by human social engineers and those created by AI large language models. While the potential for ChatGPT to be utilized for malicious phishing activity continues to capture everyone’s imagination, Hoxhunt’s research highlights that human social engineers still outperform AI in terms of inducing clicks on malicious links. The study revealed that professional red teamers induced a 4.2 percent click rate, vs. a 2.9 percent click rate by ChatGPT in the population sample of email users. Humans remained clearly better at hoodwinking other humans, outperforming AI by 69 percent. The study also revealed that users with more experience in a security awareness and behavior change program displayed significant protection against phishing attacks by both human and AI-generated emails with failure rates dropping from over 14 percent with less trained users to between 2-4 percent with experienced users.
Expert Insights Section
Watch this space each week as Solutions Review editors will use it to share new Expert Insights Series articles, Contributed Shorts videos, Expert Roundtable and event replays, and other curated content to help you gain a forward-thinking analysis and remain on-trend. All to meet the demand for what its editors do best: bring industry experts together to publish the web’s leading insights for enterprise technology practitioners.
Browser Security Without Compromising on Productivity or Experience
A key access point for critical applications and collaboration solutions, web browsers are an essential tool for business productivity– up there with email and morning coffee. Between growing digitization and remote work, workforces have grown more and more reliant on browser-based apps and extensions, which provide employees with increasingly creative ways to work and interact.
Old Threats, New Access: The Danger of Old Vulnerabilities
Zero-day vulnerabilities are dangerous. Unknown to cybersecurity teams by definition, they represent an opportunity for attackers to infiltrate networks through a door no one else knows exists. However, despite the attention zero days get among the security community and in the press, they are not the vulnerabilities most likely to come back to bite security teams. That distinction belongs to existing, unpatched vulnerabilities. According to Qualys, of the top five common vulnerabilities and exposures (CVEs) exploited for ransomware attacks over the last five years, more than 60 percent had a patch available since at least 2013.