Gartner predicts a rise in cyberattacks targeting companies' software supply chains. Their projection estimates that nearly half, 45% of organizations globally, will be hit by such an attack by 2025. This represents a threefold increase from just a few years ago and means the vulnerability will only grow.
Supply chain attacks target the software used by businesses by infiltrating it at an earlier stage to gain access to multiple organizations that rely on the same software. This is potentially devastating, causing data breaches, operational disruptions and financial losses.
Companies must prioritize securing their software supply chains. It is very important that they do so. That’s why ManageEngine, a division of Zoho Corp., announced the integration of its SIEM solution, Log360, with Constella Intelligence, a digital risk protection platform, in a move that equips organizations with a critical first line of defense against supply chain attacks.
ManageEngine provides IT management software for businesses of all sizes. Their solutions, including on-premises and cloud-based options, address security and IT operations for both global organizations and managed service providers.
Log360 is a unified SIEM solution with integrated DLP and CASB capabilities that detects, prioritizes, investigates and responds to security threats. By enabling proactive monitoring of the deep and dark web for leaked credentials with this integration, Log360 allows businesses to take immediate action and prevent cyberattacks, thereby safeguarding critical data and minimizing operational disruptions.
“At ManageEngine, we have been deeply focused on strengthening the capabilities of our security suite of products, specifically Log360's threat detection, investigation and response module,” said Manikandan Thangaraj, Vice President at ManageEngine. “The integration with Constella Intelligence shortens threat detection time by proactively uncovering leaks on the dark web. This integration empowers security operations centers to act faster, even with limited resources and neutralize threats before they strike.”
This integration scans the deep and dark web 24/7 for leaked credentials associated with the organization, its employees and third-party vendors. This ongoing monitoring results in timely alerts about potential vulnerabilities.
Upon identifying leaked credentials, organizations proactively collaborate with affected vendors to implement mitigation measures, such as password resets and strengthened security protocols. This enhances the overall security posture of the supply chain and reduces the potential attack surface.
Log360 also correlates suspicious network activity with leaked credentials, potentially revealing a larger supply chain attack for a unified view that facilitates a faster and more effective security response.
The integration also lets organizations receive immediate alerts with details of the breach upon detection of leaked credentials. Log360's Incident Workbench, a threat investigation console, provides insights into the leak's source, scope and potential impact on the organization and its supply chain partners.
Lastly, organizations gain insights into attacker behavior and anticipate their next moves. In the event of a compromised credential, Log360's Incident Workbench, with the aid of contextual analytics, guides investigations to contain threats and minimize potential damage.
The integration of Log360, with Constella Intelligence acts as a force multiplier by giving more power to lean security teams in a climate of limited cybersecurity expertise.
Edited by
Alex Passett
