Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Welcome to the Nucleus Product Update 3.9. As we approach Thanksgiving, we’d like to start by expressing our appreciation for you and the rest of the Nucleus family. Thank you for being a part of our community and contributing to our collective growth and success. We have so much to be thankful for this year, especially YOU! We hope you have a wonderful holiday celebrating all there is to be grateful for and enjoying a great meal with the people you love most.

In today's digital landscape, organizations face increasingly sophisticated cyber threats that can compromise sensitive data, disrupt operations, and tarnish their reputation. To mitigate these risks, regulatory frameworks have been developed to ensure robust cybersecurity practices.

Identity Manager governs and secures your organization’s data and users, meets uptime requirements, reduces risk and satisfies compliance by giving users access to data and applications they need – and only what they need – whether on-premises, hybrid or in the cloud. Now, identity security can be driven by business needs, not by IT capabilities. With Identity Manager, you can unify security policies and satisfy governance needs — today and long into the future.

GitGuardian can now help you check if your (already) hardcoded secrets have not also leaked publicly in code, issues and gists of projects located outside your GitHub organizations.

Cyber risks for small and medium-sized businesses (SMBs) have never been higher. SMBs face a barrage of attacks, including ransomware, malware and variations of phishing/vishing. This is one reason why the Cybersecurity and Infrastructure Security Agency (CISA) states “thousands of SMBs have been harmed by ransomware attacks, with small businesses three times more likely to be targeted by cybercriminals than larger companies.”

Every day more than 2 billion documents and emails are added to Microsoft 365, making this critical data a priority target for ransomware and other cyber attacks. After all, 61% of attacks affect SaaS applications, the most targeted platform / environment. This data can also often be unstructured, and rapidly processing and managing the content at enterprise scale is critical when it comes to both applying protection and performing restores.

When it comes to conducting vendor security reviews, the two most time-consuming tasks are gathering the relevant information from your vendor and analyzing it thoroughly. Last month, we announced AI-powered security document analysis to drastically simplify the process of extracting insights from SOC 2 reports, DPAs, and other sources that document a vendor’s security posture.

CyberArk MFA now supports authentication with phishing-resistant passkeys and qualifies for the highest NIST Authenticator Assurance Level (AAL3). Based on FIDO2 standards, passkeys replace passwords and provide faster, easier and more secure sign-ins to websites and apps across user devices. With this release, end users can authenticate using passkeys to access their applications and resources.

It’s been a long journey toward securing and optimizing the enterprise branch, from the days of rigid MPLS networks to the agile era of SD-WAN. Now comes the next stage of that journey: Secure access service edge (SASE), which, when architected correctly, converges the most important network and security capabilities into a single cloud-delivered service. Before we talk about how, though, let’s examine why SASE’s moment is now.

Elastic Security 8.11 introduces pipe queries with Elasticsearch Query Language (ES|QL), an Elastic AI Assistant connector for AWS Bedrock, and data integrations for Okta, Microsoft Entra ID, Wiz, and Palo Alto Prisma Cloud. Together, these enhancements deliver vital guidance and context to threat hunters and investigators. Elastic Security 8.11 is available now on Elastic Cloud — the only hosted Elasticsearch® offering to include all of the new features in this latest release.