More stories

  • in

    ZeroFOX acquires Cyveillance threat intelligence business from LookingGlass

    ZeroFOX has acquired LookingGlass Cyber Solutions’ Cyveillance threat intelligence business. 

    Announced on Tuesday, the deal is designed to merge the ZeroFOX Digital Risk Protection Platform and Cyveillance’s threat intelligence data trove and dark web intelligence capabilities. 
    ZeroFOX says that snapping up the business, previously a subsidiary of LookingGlass, is a strategic move to push the company up the enterprise threat intelligence and protection roster on a global scale.
    Financial details were not disclosed. 
    Founded in 1997 and headquartered in Reston, Virginia, Cyveillance was previously acquired by LookingGlass in 2015. 
    The company provides clients with online data source analysis and monitoring, including a digital risk protection service, a “data lake” repository containing over two decades’ worth of threat intelligence, open source security projects, as well as investigation and forensics offerings.
    “Our merger with the Cyveillance team fulfills our strategic vision of accelerating our position as the definitive worldwide leader in Digital Risk Protection,” said James Foster, ZeroFOX CEO. 
    Once the merger completes, Gilman Louie, Executive Chairman of LookingGlass, will be joining the ZeroFOX board of directors. 
    Existing Cyveillance customers will continue to receive their services as normal and will also be offered access to ZeroFOX solutions. 
    “To accelerate the innovation and service delivery for organizations worldwide who depend on us to protect their critical assets, data and accounts on public platforms, we are employing acquisitions as multipliers in our go-forward strategy,” ZeroFOX added. 
    The purchase of Cyveillance is ZeroFOX’s first acquisition since its founding in 2013. The company has previously raised over $154 million through multiple investment rounds. 
    Last week, Imperva acquired database security firm jSonar. While financial details were not made public, the cybersecurity firm said that technology developed by jSonar would be valuable in improving on-premise, cloud, hybrid, and Database-as-a-Service (DBaaS) solutions in its portfolio. 


  • in

    Budget 2020: Australia's cyber dollars are full of stale hot air

    Australia’s federal budget papers, which dropped on Tuesday night, make it clear just how little attention the government is paying to its cyber policies and to good governance generally.
    ZDNet has already reported how most of the Budget was pre-announced, with those previously-announced figures included in the totals of supposedly new spending. In reality, though, it’s even worse.
    Yes, the “additional $201.5 million” to help deliver the nation’s disappointing Cyber Security Strategy is just another part of the AU$1.7 billion over 10 years already announced in August.
    Yes, the vast majority of that total figure is the AU$1.35 billion cyber kitty for the Cyber Enhanced Situational Awareness and Response (CESAR) package already announced with much fanfare back in June.
    Yes, it’s a re-announcement of a re-announcement. New is not new.
    But look more closely and you’ll see that CESAR isn’t even an additional investment.
    “This measure will be offset by redirecting funding within the Defence Portfolio,” says Budget Paper No. 2.
    To be fair, CESAR was something that would’ve been built anyway. Eventually. Probably. It was just given a shiny name to become part of a Scott Morrison prime ministerial announceable. New is not new.
    Even this is a cyber throwback, according to Labor’s Shadow Assistant Minister for Communications and Cybersecurity.
    “This government first announced funding for an ASD [Australian Signals Directorate] threat sharing platform in the 2016-17 Budget,” Shadow Assistant Minister for Communications and Cybersecurity Tim Watts tweeted.
    “But you know, ANNOUNCING and DELIVERING are different things for this government. Still not delivered yet.”
    And all of this is spread “over 10 years”, or three election cycles. The Cyber Security Strategy still doesn’t specify a target date for any of this happening.
    According to Home Affairs’ Portfolio Budget Statements, that would be too hard.
    “Due to the ongoing nature of the program, it is not appropriate to set an expected date of achievement,” it wrote.
    I guess that’s true, given that the strategy itself has so very few measurable targets.

    Performance targets for the Department of Home Affairs program number 1.8 Cyber Security.
    Some AU$37.7 million of the magic and largely mythical AU$1.7 billion goes to the Department of Industry, Science, Energy and Resources to “support industry and academia to develop innovative approaches to improve cybersecurity skills and long-term workforce planning”.
    This is all well and good, but it comes from the renamed “Election Commitment — Cyber Security Resilience and Workforce Package” that was part of the Mid-Year Financial and Economic Outlook Statement from months ago.
    The AU$19.1 million for the Department of Home Affairs to “undertake a range of initiatives, including expanding outreach to Australian industry on cybersecurity-related matters, providing support services to victims of identity theft and cybercrime and enhancing cybersecurity awareness among households and small businesses” is partially money that was already allocated to the department. New is not new.
    The AU$1.6 million to the Commonwealth Ombudsman, intended to monitor the nation’s controversial encryption legislation and other cybercrime law enforcement powers, is only for the current financial year. The money comes from “redirecting funding”, a delightful euphemism, from the Department of Home Affairs.
    What happens in 2021-2020? The Ombudsman will presumably have to beg for more, or the Telecommunications and Other Legislation Amendment (Assistance and Access) Act 2018 will go without proper independent oversight.
    Admittedly, the Parliamentary Joint Committee on Intelligence and Security’s review of the Act is due to report any day now, so maybe the government is holding off allocating money until then. Yes, I’m sure that’s it.
    Given the government’s poor track record with IT projects more broadly, you might think that it’d be eager to make sure future projects stay on track.
    As Crikey’s Bernard Keane wrote recently, the Australian National Audit Office (ANAO) has been instrumental in uncovering widespread bureaucratic failure, especially when it comes to IT and cybersecurity.
    But no. ANAO’s funding is actually being cut from AU$112 million in 2019-2020 to AU$98 million in 2020-2021.
    One of the few properly new items is AU$39.4 million to the Office of the eSafety Commissioner to cover the increasing demand for its services and, among other things, a new “adult cyber abuse takedown scheme” under the new Online Safety Act.
    That’s good, but that law doesn’t even exist yet. There isn’t a draft Bill.
    The more you dig into Budget 2020, the less actual substance there is to find, which is the perfect summary of the Morrison government.


  • in

    US antitrust probe finds 'alarming pattern' of innovation-stifling practices

    The United States House Judiciary Antitrust Subcommittee has wrapped up its probe into Amazon, Facebook, Apple, and Google, with its 450-page report [PDF], making a slate of recommendations, including those it said would strengthen antitrust laws and restore competition in the digital economy.
    “As they exist today, Apple, Amazon, Google, and Facebook each possess significant market power over large swaths of our economy,” Judiciary Subcommittee Chairman Jerrold Nadler (D-NY) and Antitrust Subcommittee Chairman David N. Cicilline (D-RI) said in a statement.
    “In recent years, each company has expanded and exploited their power of the marketplace in anticompetitive ways.
    “Our investigation leaves no doubt that there is a clear and compelling need for Congress and the antitrust enforcement agencies to take action that restores competition, improves innovation, and safeguards our democracy.”
    The subcommittee kicked off its inquiries over 16 months ago. Democrat Congresswoman Pramila Jayapal (D-WA) said investigations led the subcommittee to the conclusion that self-regulation by Big Tech comes at the expense of communities, small businesses, consumers, the free press, and innovation.
    “Our investigation revealed an alarming pattern of business practices that degrade competition and stifle innovation,” Congresswoman Val Demings (D-FL) added.
    “These companies have made remarkable advancements that have shaped our markets and our culture, but their anticompetitive acts have come at a cost … competition must reward the best idea, not the biggest corporate account.”
    Although not agreeing on who was to blame for allowing “Big Tech” to achieve near-monopoly status, Congressman Matt Gaetz (R-FL) agreed that these “predatory companies” have used their vast size to unfairly harm competition and consumers.  
    On Facebook, the subcommittee said it found evidence of “monopolisation and monopoly power” in the social networking market. It also said that of its nearly-100 acquisitions, the Federal Trade Commission engaged in an extensive investigation of just one — Instagram in 2012.
    The subcommittee said a senior Facebook executive described its acquisition strategy as a “land grab” to “shore up” Facebook’s position and another said the company purchased Instagram because it was a threat to Facebook.
    “The online platforms’ dominance carries significant costs. It has diminished consumer choice, eroded innovation and entrepreneurship in the US economy, weakened the vibrancy of the free and diverse press, and undermined Americans’ privacy,” the report reads.
    The report says Facebook has also maintained its monopoly through a series of anticompetitive business practices, using its data advantage to create “superior market intelligence to identify nascent competitive threats and then acquire, copy, or kill these firms”.
    “In the absence of competition, Facebook’s quality has deteriorated over time, resulting in worse privacy protections for its users and a dramatic rise in misinformation on its platform,” it continues.
    Google also holds a monopoly, the report says, with search dominance “protected by high entry barriers”, with the subcommittee determining “Google maintained its monopoly over general search through a series of anticompetitive tactics”.
    Such anticompetitive tactics, the report lists, include contractual restrictions and exclusivity provisions to extend Google’s search monopoly, such as in the case of its 2005 purchase of the Android operating system.
    “Google exploits information asymmetries and closely tracks real-time data across markets, which — given Google’s scale — provide it with near-perfect market intelligence,” the report says. “In certain instances, Google has covertly set up programs to more closely track its potential and actual competitors, including through projects like Android Lockbox.
    “Each of its services provides Google with a trove of user data, reinforcing its dominance across markets and driving greater monetisation through online ads. Through linking these services together, Google increasingly functions as an ecosystem of interlocking monopolies.”
    Although Amazon is considered as controlling about 40% of US online retail sales, the subcommittee said it was sure the company’s market share is likely understated and alleges that estimates of about 50% or higher were more credible.
    “The platform has monopoly power over many small- and medium-sized businesses that do not have a viable alternative to Amazon for reaching online consumers,” the report says. “Amazon has 2.3 million active third-party sellers on its marketplace worldwide, and a recent survey estimates that about 37% of them — about 850,000 sellers — rely on Amazon as their sole source of income.”
    Amazon achieved its current dominant position, in part, through acquiring its competitors; it has also acquired companies that operate in adjacent markets, adding customer data to its stockpile and “further shoring up its competitive moats”, the subcommittee wrote.
    “Amazon has engaged in extensive anticompetitive conduct in its treatment of third-party sellers,” it said. “Publicly, Amazon describes third-party sellers as ‘partners’. But internal documents show that, behind closed doors, the company refers to them as ‘internal competitors’.”
    On the voice assistant side, the report says the company’s “early leadership” in this market is leading to the collection of highly sensitive consumer data, which Amazon can use to promote its other business, including e-commerce and Prime Video.
    And on the company’s cloud business, the subcommittee said as AWS provides critical infrastructure for many businesses with which Amazon competes, such a scenario creates the potential for a conflict of interest where cloud customers are “forced to consider patronising a competitor, as opposed to selecting the best technology for their business”.
    Apple, meanwhile, “exerts monopoly power in the mobile app store market”, controlling access to more than 100 million iPhones and iPads in the United States.
    “Apple leverages its control of iOS and the App Store to create and enforce barriers to competition and discriminate against and exclude rivals while preferencing its own offerings,” the subcommittee determined. “Apple also uses its power to exploit app developers through misappropriation of competitively sensitive information and to charge app developers supra-competitive prices within the App Store.
    “In the absence of competition, Apple’s monopoly power over software distribution to iOS devices has resulted in harms to competitors and competition, reducing quality and innovation among app developers, and increasing prices and reducing choices for consumers.”
    Not citing any one company in particular, the subcommittee said the rise of market power online has also materially weakened innovation and entrepreneurship in the US economy.
    “Additionally, in the absence of adequate privacy guardrails in the United States, the persistent collection and misuse of consumer data is an indicator of market power online,” it wrote.
    “Online platforms rarely charge consumers a monetary price — products appear to be ‘free’ but are monetised through people’s attention or with their data. In the absence of genuine competitive threats, dominant firms offer fewer privacy protections than they otherwise would, and the quality of these services has deteriorated over time.”
    The subcommittee also said the market power of the dominant platforms risks “undermining both political and economic liberties”.
    The subcommittee offered a number of recommendations to Congress: Restoring competition in the digital economy, strengthening the antitrust laws, and reviving antitrust enforcement.
    The first batch of reforms would enforce “structural separations” and prohibit certain dominant platforms from operating in adjacent lines of business; introduce non-discrimination requirements, which would prohibit dominant platforms from engaging in self-preferencing, and require them to offer equal terms for equal products and services; require dominant platforms to make their services compatible with various networks and to make content and information easily portable between them; “presumptive prohibition” against future mergers and acquisitions; introduce safe harbour for news publishers; and introduce prohibitions on “abuses of superior bargaining power”.
    To strengthen antitrust laws, the subcommittee wants to reassert the anti-monopoly goals of the antitrust laws and their centrality to ensuring a “healthy and vibrant democracy”.
    Specifically, it wants improvements to the Clayton Act, the Sherman Act, and the Federal Trade Commission Act, in order to bring these laws in line with the challenges of the digital economy.
    The subcommittee said it wants to restore “robust congressional oversight of the antitrust laws and their enforcement” and restore the federal antitrust agencies to full strength, by triggering civil penalties and other relief for “unfair methods of competition” rules.
    Such restoration, the report explains, would require the Federal Trade Commission to engage in regular data collection and enhance public transparency and accountability. The subcommittee highlighted the FTC and the Antitrust Division should also be handed further funding.
    The subcommittee’s final recommendation was to strengthen private enforcement, through eliminating obstacles such as forced arbitration clauses, limits on class action formation, judicially created standards constraining what constitutes an antitrust injury, and unduly high pleading standards.
    Congressman Ken Buck (R-CO) said that while he does not support the recommendations made, he fully supports working towards a solution that “reins in Big Tech and their anticompetitive behaviour”.
    “Antitrust enforcement in Big Tech markets is not a partisan issue, I support the ongoing, bipartisan investigations of these companies. But an ounce of prevention is worth a pound of cure — I would rather see targeted antitrust enforcement over onerous and burdensome regulation that kills industry innovation,” Buck said. 
    In response to the subcommittee’s report, Google said the goal of antitrust law is to protect consumers, not help commercial rivals.
    “Americans simply don’t want Congress to break Google’s products or harm the free services they use every day,” the search giant wrote.
    “Many of the proposals bandied about in today’s reports — whether breaking up companies or undercutting Section 230 — would cause real harm to consumers, America’s technology leadership, and the US economy — all for no clear gain.”
    At the time of publication, Amazon, Apple, and Facebook were yet to publish responses to the Investigation of Competition in Digital Markets report.

  • in

    New HEH botnet can wipe routers and IoT devices


    A newly discovered botnet contains code that can wipe all data from infected systems, such as routers, servers, and Internet of Things (IoT) devices.
    Named HEH, the botnet spreads by launching brute-force attacks against any internet-connected system that has its SSH ports (23 and 2323) exposed online.
    If the device uses default or easy-to-guess SSH credentials, the botnet gains access to the system, where it immediately downloads one of seven binaries that install the HEH malware.
    This HEH malware doesn’t contain any offensive features, such as the ability to launch DDoS attacks, the ability to install crypto-miners, or code to run proxies and relay traffic for bad actors.
    The only features present are a function that ensnares infected devices and coerces them to perform SSH brute-force attacks across the internet to help amplify the botnet; a feature that lets attackers run Shell commands on the infected device; and a variation of this second feature that executes a list of predefined Shell operations that wipe all the device’s partitions.
    Botnet is in its early stages of development
    HEH was discovered by security researchers from Netlab, the network security division of Chinese tech giant Qihoo 360, and detailed for the first time in a report published today.
    Because this is a relatively new botnet, Netlab researchers can’t tell if the device-wiping operation is intentional or if it’s just a poorly coded self-destruction routine.
    But regardless of its purpose, if this feature ever gets triggered, it could result in hundreds or thousands of bricked and non-functioning devices.
    This could include home routers, Internet of Things (IoT) smart devices, and even Linux servers. The botnet can infect anything with weakly-secured SSH ports, even Windows systems, but the HEH malware only works on *NIX platforms.
    Since wiping all partitions also wipes the device’s firmware or operating system, this operation has the potential to temporarily brick devices — until their firmware or operating systems are reinstalled.
    However, in some cases, this could mean permanently bricked systems, as some device owners may not have the knowledge to reinstall firmware on their IoT equipment and may just choose to throw away the old and buy a new device instead.
    Currently, Netlab said it detected HEH samples that can run on the following CPU architectures: x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC.
    The botnet is still spreading.
    HEH, while it hasn’t bricked any devices yet, wouldn’t be the first botnet that wipes IoT devices. The first two were BrickerBot and Silex.

  • in

    Chrome 86 released with password-related security improvements

    Google has released Chrome 86 today to the stable channel, and this new release includes numerous security enhancements and new APIs for developers.
    Each new Chrome release usually focuses on a main theme. For example, Chrome 84 focused on UI overhauls, while Chrome 85 focused on speed and API improvements.
    In that vein, Chrome’s new v86 release comes with loads of password- and security-related upgrades, along with several deprecations and new APIs under the hood.
    Password-checking feature coming to mobile
    In December 2019, with Chrome 79, Google added a feature to Chrome named Password Checkup that would take the user’s synced passwords and check to see if they’ve been leaked online during data breaches at other companies.
    With Chrome 86, Google says this feature (known as Safety Check since May 2020) is now coming to mobile versions of Chrome on Android and iOS.

    Easier to change compromised passwords
    Furthermore, Safety Check itself is also getting updates. Starting with Chrome 86, Safety Check supports the “.well-known/change-password” standard.
    This is a W3C standard that allows websites to specify the URL where users can go to change their passwords.
    Chrome 86 adding support for this standard means that users can press a button in the Chrome password settings screen and go directly to that page and change the password right away, rather than search blindly through a website’s complicated structure.
    Biometric authentication for password filling on iOS
    Google is also expanding the touch-to-fill feature on iOS. Originally launched on Android in July, this feature works by detecting the site the user is navigating on and then prompting the user to autofill passwords, if credentials are recorded.
    The feature was created to prevent users from autofilling passwords on phishing sites, but it also lets users fill in passwords in login forms with the touch of a finger, without having to scroll through tens or hundreds of entries to select the proper credentials to auto-fill.
    Starting with Chrome 86, this new feature is also present on iOS, where as an additional security feature, users will also be asked to authenticate via a biometric before auto-filling passwords. This includes using Face ID, Touch ID, or their phone passcode as a last resort.

    Enhanced Safe Browsing coming to mob
    Enhanced Safe Browsing, a security feature that provides increased phishing and malware detection, is being expanded to mobile versions of Chrome.
    The feature made its debut in Chrome 83, in May 2020, but only for desktop versions.

    Warnings on insecure forms
    Chrome 86 now also shows warnings when entering data inside “insecure forms.”
    By “insecure forms,” Google is referring to forms hosted on encrypted HTTPS pages but which secretly submit their data via non-encrypted HTTP operations.
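    A site owner can find such forms before Chrome flags them. The audit below is an added example, not code from Google or the article; the page URL and HTML are constructed sample input, and the function and class names are hypothetical. It resolves each form's submit target the way a browser would (relative actions, `<base href>`, and per-button `formaction` overrides) and reports those that leave an HTTPS page over plain HTTP.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit


class FormTargetCollector(HTMLParser):
    """Records <base href>, every <form action>, and formaction overrides."""

    def __init__(self):
        super().__init__()
        self.base_href = None
        self.targets = []  # (kind, raw attribute value or None, source line)

    def handle_starttag(self, tag, attrs):
        attr = dict(attrs)
        line = self.getpos()[0]
        if tag == "base" and self.base_href is None and attr.get("href"):
            self.base_href = attr["href"]  # only the first <base href> counts
        elif tag == "form":
            self.targets.append(("form action", attr.get("action"), line))
        elif tag in ("button", "input") and attr.get("formaction"):
            self.targets.append((tag + " formaction", attr["formaction"], line))


def audit_mixed_forms(page_url, html):
    """Return submit targets that leave an HTTPS page over plain HTTP."""
    if urlsplit(page_url).scheme.lower() != "https":
        return []  # the warning concerns forms hosted on HTTPS pages only
    collector = FormTargetCollector()
    collector.feed(html)
    collector.close()
    # Relative URLs resolve against <base href> when present, else the page.
    if collector.base_href:
        base = urljoin(page_url, collector.base_href)
    else:
        base = page_url
    findings = []
    for kind, raw, line in collector.targets:
        raw = (raw or "").strip()
        # A missing or empty action submits to the document's own URL.
        target = urljoin(base, raw) if raw else page_url
        if urlsplit(target).scheme.lower() == "http":
            findings.append({"kind": kind, "line": line, "target": target})
    return findings


# Constructed sample input (example.test hosts are placeholders).
PAGE_URL = "https://shop.example.test/account/"
SAMPLE_HTML = """\
<html><head><base href="http://legacy.example.test/app/"></head>
<body>
<form action="https://shop.example.test/login" method="post">
  <input name="user"><input type="password" name="pw">
  <button formaction="http://shop.example.test/sso">SSO</button>
</form>
<form action="search" method="get"><input name="q"></form>
<form method="post"><input name="note"></form>
<form action="//cdn.example.test/collect"><input name="e"></form>
</body></html>
"""

if __name__ == "__main__":
    for finding in audit_mixed_forms(PAGE_URL, SAMPLE_HTML):
        print("line %(line)d: %(kind)s -> %(target)s" % finding)
```

    In the sample, the first form's own action is HTTPS but its button override is not, and the stale `<base href>` silently downgrades the relative and scheme-relative actions.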

    Warnings on insecure downloads
    Google is also continuing its plan on showing warnings when downloading files via HTTP from pages that show HTTPS.
    In Chrome 86, executable and archive files are blocked by default, while Chrome shows warnings for office-related document downloads.

    Start of the FTP deprecation
    Chrome 86 is also the first version in Google’s grand master plan to remove support for FTP links from Chrome. The entire timeline is below:
    Chrome 86 – FTP is still enabled by default for most users, but turned off for pre-release channels (Canary and Beta) and will be experimentally turned off for one percent of stable users. In this version you can re-enable it from the command line using either the --enable-ftp command line flag or the --enable-features=FtpProtocol flag.
    Chrome 87 – FTP support will be disabled by default for fifty percent of users but can be enabled using the flags listed above.
    Chrome 88 – FTP support will be disabled.
    New Native File System
    The new Native File System API is a new developer tool that Google tested in previous versions of Chrome and has activated by default in Chrome 86.
    This new API enables developers to build powerful web apps that interact with files on the user’s local device. The new API is hidden behind a permission prompt to prevent websites from accessing any local files without authorization.
    However, after a user grants the browser access, this API allows a website to behave like a locally installed app and save and interact with designated files and folders on the user’s device.
    Google expects this new API to be used to build interactive web apps such as IDEs, photo and video editors, text editors, and more.
    But we only touched on the major Chrome 86 features. Users who’d like to learn more about the other features added or removed in this new Chrome release can check out the following links for more information:
    Chrome security updates are detailed here [not yet live].
    Chromium open-source browser changes are detailed here.
    Chrome developer API deprecations and feature removals are listed here.
    Chrome for Android updates are detailed here [not yet live].
    Chrome for iOS updates are detailed here.
    Changes to Chrome V8 JavaScript engine are available here.
    Changes to Chrome’s DevTools are listed here.

  • in

    ST Engineering bolsters cloud portfolio with CloudSphere investment

    ST Engineering has beefed up its cloud services portfolio via an investment in CloudSphere, a US-based cloud management and governance vendor. Made through its venture capital arm ST Engineering Ventures, the investment will see the Singapore company expand its current cloud services beyond assessment and migration. 
    The investment round was made alongside growth equity tech fund, Atlantic Bridge Capital, and would provide ST Engineering “direct access” to hybrid and multi-cloud management and government software and services, the Singapore company said in a statement Tuesday. It added that the investment was part of the organisation’s efforts to drive its capabilities in professional and management services in public cloud. 
    ST Engineering is a technology, defence, and engineering group focusing on the aerospace, electronics, land systems, and marine sectors. Its VC arm invests in startups in high growth areas such as robotics, autonomous technology, and cybersecurity. 
    ST Engineering’s president of electronics sector Ravinder Singh noted that enterprises operating in hybrid and multi-cloud environments were using many different sets of tools, including in resource provisioning and monitoring, cost reporting, and security, as well as identity dashboards with multiple, disparate control planes. 
    ST Engineering’s investment in CloudSphere would afford its customers “greater visibility and control” of their multi-cloud inventory, performance, and costs, Singh said. This expansion of its managed services portfolio would enable ST Engineering to tap opportunities with cloud technology, he added.
    Amongst CloudSphere’s offerings is its flagship cloud governance platform, which allows customers to manage public cloud deployments with automation tools. 
    ZDNet asked ST Engineering several questions including the growth rate of its cloud services and how much it invested in CloudSphere. This article will be updated when the company responds. 

  • in

    GitHub: Now our built-in bug checker gets these third-party code-scanning tools

    GitHub has released a host of third-party security tools for its just-launched code-scanning feature, which helps open-source projects nix security bugs before they hit production code. 
    GitHub Code Scanning works on top of CodeQL (Query Language), a technology that GitHub integrated into its platform after it acquired code-analysis platform Semmle in September 2019. GitHub announced general availability of code scanning last week after a beta phase that’s run since May.   

    GitHub has now introduced 10 new third-party code-scanning tools that are available with GitHub code scanning to allow developers to remove flaws before they’re committed to code. 
    The ability to add third-party tools to the native GitHub code-scanning feature lets developers customize it for different teams in an organization. 
    Extensibility is enabled via code scanning’s application programming interface (API) endpoint, which ingests the results of scans from third-party tools using the Static Analysis Results Interchange Format (SARIF).
    GitHub sees it being valuable for organizations post-merger with teams running different code-scanning tools, as well as for extending coverage to mobile, Salesforce development or mainframe development. It also enables customized reporting and dashboards. 
    The new third-party scanning tools include extensions for static analysis and developer security training. 
    The current roster includes Checkmarx, Codacy, CodeScan, DefenseCode ThunderScan, Fortify on Demand, Muse, Secure Code Warrior, Synopsys Intelligent Security Scan, Veracode Static Analysis, and Xanitizer.   
    Developers can begin using third-party scanning tools with GitHub Actions, a feature that allows users to automate development workflows, or a GitHub App based on an event, such as a pull request. 
    GitHub then handles the rest of the task, ensuring there are no duplicates and that alerts are aggregated and associated with each tool that generates a report. 
    “The results are formatted as SARIF and uploaded to the GitHub Security Alerts tab. Alerts are then aggregated per tool and GitHub is able to track and suppress duplicate alerts,” explains Jose Palafox of GitHub. 
    “This allows developers to use their tool of choice for any of their projects on GitHub, all within the native GitHub experience.” 
    The third-party scanners are available on GitHub’s marketplace. 
    During the beta, GitHub says code scanning was used to perform more than 1.4 million scans on more than 12,000 repositories. It’s helped identify over 20,000 vulnerabilities.
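    To make the SARIF hand-off described above concrete, the added example below (not GitHub's or any vendor's code) converts a tool's findings into a minimal SARIF 2.1.0 log and then groups uploaded logs per tool while dropping repeats. The tool names and findings are constructed, and the duplicate key of rule, file and start line is an assumption made for illustration, not GitHub's actual matching logic.

```python
import json

SARIF_SCHEMA = "https://json.schemastore.org/sarif-2.1.0.json"


def to_sarif(tool_name, findings):
    """Serialise one tool's findings as a minimal SARIF 2.1.0 log."""
    rule_ids = sorted({f["rule"] for f in findings})
    results = []
    for f in findings:
        results.append({
            "ruleId": f["rule"],
            "level": f["level"],  # SARIF levels: error, warning, note, none
            "message": {"text": f["message"]},
            "locations": [{
                "physicalLocation": {
                    "artifactLocation": {"uri": f["path"]},
                    "region": {"startLine": f["line"]},
                }
            }],
        })
    log = {
        "$schema": SARIF_SCHEMA,
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {"name": tool_name,
                                "rules": [{"id": r} for r in rule_ids]}},
            "results": results,
        }],
    }
    return json.dumps(log)


def aggregate_alerts(sarif_documents):
    """Group results per tool, keeping one alert per (rule, file, line)."""
    per_tool = {}
    for text in sarif_documents:
        log = json.loads(text)
        if log.get("version") != "2.1.0":
            raise ValueError("unsupported SARIF version: %r" % log.get("version"))
        for run in log.get("runs", []):
            tool = run["tool"]["driver"]["name"]
            alerts = per_tool.setdefault(tool, {})
            for result in run.get("results", []):
                for loc in result.get("locations", []):
                    phys = loc["physicalLocation"]
                    # Assumed duplicate key; real services fingerprint results.
                    key = (result["ruleId"],
                           phys["artifactLocation"]["uri"],
                           phys.get("region", {}).get("startLine", 0))
                    alerts.setdefault(key, result["message"]["text"])
    return {tool: sorted(alerts) for tool, alerts in per_tool.items()}


# Constructed findings from two hypothetical scanners.
SQLI = {"rule": "sql-injection", "level": "error", "path": "src/db.py",
        "line": 42, "message": "Query built from request input"}
SECRET = {"rule": "hardcoded-secret", "level": "warning",
          "path": "config/settings.py", "line": 7,
          "message": "Credential literal in source"}
TRAVERSAL = {"rule": "path-traversal", "level": "error", "path": "src/files.py",
             "line": 19, "message": "User path joined without normalisation"}


def demo():
    uploads = [
        to_sarif("ExampleScanner-A", [SQLI, SECRET]),             # first scan
        to_sarif("ExampleScanner-A", [SQLI, SECRET, TRAVERSAL]),  # re-scan
        to_sarif("ExampleScanner-B", [SQLI]),                     # second tool
    ]
    return aggregate_alerts(uploads)


if __name__ == "__main__":
    for tool, alerts in demo().items():
        print(tool, len(alerts), "alert(s)")
        for rule, path, line in alerts:
            print("   %s at %s:%d" % (rule, path, line))
```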


  • in

    FireEye’s Mandiant debuts new SaaS threat intelligence suite

    Mandiant has launched Mandiant Advantage: Threat Intelligence, a software-as-a-service (SaaS) platform designed for security response teams. 

    Announced on Tuesday, the FireEye-owned cyberforensics firm said the new solution is the first SaaS offering in its portfolio and will combine threat intelligence gathered by Mandiant together with data from cyber incident response engagements. 
    Delivered through a one-stop-shop platform, Mandiant Advantage: Threat Intelligence leans on real-time information collected by over 300 researchers and analysts.
    “By extending this timely look into what’s happening across multiple Mandiant frontlines, organizations can more easily prioritize the threats that matter to them most right now,” the company said.
    Over time, more Mandiant Advantage SaaS products will be developed “to augment and automate global security teams with controls-agnostic, actionable breach, adversary, operational and machine intelligence data.”
    Planned upgrades include validation on demand — potentially including checks for email filter rules, database configuration, and operating system controls and updates — as well as malware analysis as a service.
    Mandiant Advantage: Threat Intelligence is subscription-based and is priced depending on the size of the organization signing up. In addition, the solution includes API integration and a browser plugin. 
    “We are now making emerging intelligence accessible to all defenders as it is discovered, regardless of the technology they have deployed,” Sandra Joyce, executive VP of Mandiant Threat Intelligence at FireEye commented. “Now customers of all sizes have unprecedented access to the depth and breadth of threat intelligence Mandiant offers, appropriate to their budget and unique needs.”
    Mandiant Solutions was launched in April this year in order to streamline FireEye and Mandiant’s portfolio. Now, the term brings Mandiant Consulting, Mandiant Managed Defense, FireEye Threat Intelligence, FireEye Expertise On Demand, and Mandiant Security Validation under the same umbrella — together with the firm’s latest cybersecurity offering. 
