Beyond Identity unveiled new software for closing critical vulnerabilities, announced new integration with Splunk to deliver granular authentication event data, at the device level, in real-time. The collaboration should help to power investigations and identify problematic and risky behavior by remote workers.
Specifically, the integration pushes aggregated detail concerning authentication events – including device identity and security – to Splunk for further analysis. Culled insight will support security and threat-intelligence teams, alerting them of “problematic behaviors” and “operational issues” based on past attacks. Then, in near real time, the service will reduce noise for analysts without requiring disparate data streams.
Beyond Identity is specifically leveraging what it calls “immutable and granular authentication records based on strong cryptographically device-bound identities.” The company noted that Splunk’s Security Information and Event Management (SIEM) tools offer “complete visibility” into network activity to promote real-time threat response, with Splunk users also benefitting from aggregated, device-level authentication and device data security for:
- Investigating incidents.
- Assessing impact and severity.
- Building models to identify issues.
- Feeding real-time risk signals into Splunk.
At the same time, Beyond Identity introduced a new “groundbreaking” software set – the Secure DevOps product- for closing critical vulnerabilities and securing the software supply chain against insider threat and malicious attack.
Secure DevOps provides a secure, automated method for confirming that source code entering a corporate repository and processed by the continuous integration/continuous deployment (CI/CD) pipeline is signed by a key that is cryptographically bound to a corporate identity and device, thus promoting trust, integrity and auditability for source code.
“Waiting until after the build to sign code, while easier, is like signing a contract without reviewing the fine print,” said company CEO, TJ Jermoluk. “We’ve seen recently [that] malicious injections can evade detection for years and compromise multiple companies – regardless of the strength of their organizational security posture. As we’ve done with our Secure Work product, taking the risk – and burden – of passwords and signing keys out of users’ hands not only greatly improves security, but also greatly accelerates access and productivity.”