Novawatch is aware of the Crowdstrike outage and is actively working with Crowdstrike Engineering to gain broader insights into the overall impact and necessary remediation. We will continue working with our partners and clients until the issue is fully resolved and will provide updates as they become available. We have been and will be continuing to monitor the situation closely.
Novawatch
Computer and Network Security
Scottsdale, Arizona 758 followers
MDR • SOAR • SIEM / Managed Security Solutions
About us
Novawatch's mission is to enable companies to dramatically improve their cyber resiliency by leveraging our team of highly-trained security professionals using cutting-edge MDR technology solutions from our 24/7/365 Security Operation Center in Scottsdale, Arizona. Novawatch MDR is the most secure, scalable, and efficient managed detection and response (MDR) service on the market. With a robust suite of security services that are easy to implement and manage, Novawatch is the ideal choice for organizations looking to secure their infrastructure against the latest cyber threats. We are committed to providing our customers with unmatched support throughout the entire lifecycle —from initial setup through ongoing management services—so they can focus on growing their business instead of worrying about cybersecurity concerns.
- Website
-
https://novawatch.com
External link for Novawatch
- Industry
- Computer and Network Security
- Company size
- 11-50 employees
- Headquarters
- Scottsdale, Arizona
- Type
- Privately Held
- Founded
- 2022
Locations
-
Primary
18700 N Hayden Rd
Scottsdale, Arizona 85255, US
Employees at Novawatch
Updates
-
Novawatch is proud to support Involta’s 3rd Annual Cinco de Mayo Charity Golf Tournament benefitting @ParentAid as a [SPONSOR LEVEL] Sponsor! Join us on the green on May 3, 2024, at the Omni Golf Resort in Tucson, AZ to help tee up this great cause. Don’t golf? Join us for the Fiesta Dinner Party following the tournament! Register below using our code cinco2024 to receive a 10% dinner ticket discount. Register: https://birdease.com/26409
-
Missed our webinar and want to hear the recording? Click here for access! https://lnkd.in/ghxG2pyM
-
Did you miss the webinar "Unlocking Security: Harnessing the Power of Novawatch for PCI DSS 4.0 Compliance" featuring Anthony J Petruso and Westley Thompson? We have a recording to share! Reach out to us at info@novawatch.com for the recording and any questions! #novawatch #pcidss4.0 #mssp #managedservices #pcidss
-
Don't miss our webinar on "Unlocking Security: Harnessing the Power of Novawatch for PCI DSS 4.0 Compliance". To register please reach out to info@novawatch.com! #pcidssv4 #pcidss #managedsecurityservices #mssp
-
Contact us to learn how our partnerships with MegaplanIT and Rapid7 can help your company meet new PCI DSS v4.0 requirements!
Authenticated vs. Unauthenticated vulnerability scanning. Our very own VP of Security Services, Dominick Vitolo, GPEN, PCI-QSA, CISA, CISM recently wrote an article about how we MegaplanIT are committed to leveraging our own in-house expertise, as well as that of our partners such as Rapid7 and our sister company Novawatch to effectively navigate and comply with the new PCI DSS v4.0 Requirements. In this article, Dominick focuses specifically on the Vulnerability Scanning changes within requirement 11.3.1.2 and how we are helping our clients to get in front of this. Contact us today to learn more. info@megaplanit.com https://lnkd.in/gRFm9_Uu
Explanation of New Authenticated Scanning PCI DSS Requirement 11.3.1.2 in PCI DSS V4.0 and how InsightVM can help meet the Requirement | Rapid7 Blog
rapid7.com
-
Vulnerability Alert! There's a high-level Apache Struts vulnerability we'd like to make you aware of. CVE-2023-50164 Apache Struts: Apache Struts is a popular Java web application framework. On December 7, 2023 Apache published an advisory for CVE-2023-50164, a Struts parameter pollution vulnerability that potentially leads to arbitrary file uploads. An attacker with the ability to perform arbitrary file uploads is very likely to be able to leverage this and achieve remote code execution. According to the vendor, the following versions of Struts are affected: Struts 2.0.0 – Struts 2.3.37 (End of Life) Struts 2.5.0 – Struts 2.5.32 Struts 6.0.0 – Struts 6.3.0 Several technical analyses on the root cause of the vulnerability have already been done. Notably, all current public analysis of the vulnerability demonstrates exploitation on a custom-made demo web application. Mitigation Guidance: Vendors who develop applications that use Apache Struts should upgrade to Struts 2.5.33, Struts 6.3.0.2, or greater to remediate CVE-2023-50164. IVM & Nexpose customers can run a check for CVE-2023-50164. We will continue to monitor the situation and keep you updated. Stay secure!
-
Vulnerability Alert! We'd like to share some of the vulnerabilities (including 1 zero-day and 3 RCEs) that were detected in December 2023: CVE-2023-20588: The single zero-day vulnerability, describes a potential information disclosure due to a flaw in certain AMD processor models as listed on the AMD advisory. IVM & Nexpose customers can run a check for this vulnerability with the December 13th Rapid7 patch release applied while reviewing the AMD advisory and Microsoft's advisory. CVE-2023-35628: A critical RCE vulnerability in the MSHTML proprietary browser engine still used by Outlook, among others, to render HTML content. IVM & Nexpose customers can run a check for this vulnerability with the December 13th Rapid7 patch release applied while reviewing Microsoft's advisory. CVE-2023-35630 & CVE-2023-35641: A pair of critical RCE vulnerabilities in Internet Connection Sharing. CVE-2023-35630 requires the attacker to modify an option->length field in a DHCPv6 DHCPV6_MESSAGE-INFORMATION-REQUEST input message. CVE-2023-35641 requires exploitation via a maliciously crafted DHCP message to an ICS server, but the advisory gives no further clues. IVM & Nexpose customers can run a check for both vulnerabilities with the December 13th Rapid7 patch release applied while reviewing Microsoft's CVE-2023-35630 advisory and Microsoft's CVE-2023-35641 advisory. As always stay secure and we will continue to monitor and keep you updated with any new information.