Sailpoint Glassdoor
Sailpoint is a IAM tool that is rapidly growing within the cyber security industry.
Last week there were reports by Advanced Intelligence (AdvIntel) claiming that three US antivirus companies had been hacked by a top-tier Russian hacking collective.
While the original research did not identify the impacted companies, both Gizmodo and Bleeping Computer have reported that McAfee, Symantec and Trend Micro are the three companies in question.
Though it does try to adhere to the general rule of not discussing victim entities, an AdvIntel spokesperson said in an email, “Given the latest independent corroboration and publication, we can confirm that Trend Micro and McAfee were two of the companies that were claimed to be breached by the actor group with their internal access and data for sale.”
Trend Micro has confirmed that an unauthorized third party accessed a single testing lab network. “We have an active investigation underway related to recent claims, and while it is not complete, we want to transparently share what we have learned. Working closely with law enforcement, our global threat research and forensic teams are leading this investigation,” a Trend Micro spokesperson wrote in an email.
“Some low-risk debugging related information was obtained. We are nearing the end of our investigation and at this time we have seen no indication that any customer data nor source code were accessed or exfiltrated. Immediate action was taken to quarantine the lab and additionally secure all corresponding environments. Due to the active nature of the investigation, we are not in a position to share any additional information, but we will provide an update when additional insights become available and can be disclosed.”
A McAfee spokesperson wrote, “McAfee has been conducting a thorough investigation into these claims. To date, we’ve found no indication that McAfee products, services or networks have been impacted by the campaign described.”
AdvIntel said that it had reached out to all of the purported victims, as well as the law enforcement, regarding Fxmsp well before its initial blog was released. Though the company did not comment on whether Symantec was one of the breached companies, there has been speculation that Symantec is the third victim.
Symantec said it is aware of recent claims that a number of US-based antivirus companies were breached, and a spokesperson said, “We have been in contact with researchers at AdvIntel, who confirmed that Symantec (Norton) has not been impacted. We do not believe there is a reason for our customers to be concerned.”
*AdvIntel admitted in a message to Computer Business Review that Fxmsp had not provided “sufficient evidence to support this allegation [that Symantec was hacked].” The company added: “We believe with a high degree of confidence that Symantec’s assessment of risks and their statement that ‘there is no reason for our [Symantec] customers to be concerned currently’ is correct.”
source infosecuritymagazine
Industry: Cyber Security News
Latest Jobs
-
- Security Analyst - Internal role. London commutable. Permanent
- London
- N/A
-
Security Analyst - Internal role. London commutable opportunity. Operational Security - Investigate, escalate and proactively work to ensure household name remains protected. Project Security - Coordinate, log change requests with project delivery teams to meet security requirements Policy / compliance - work with team to aid in uplifting these as and where needed This role is role to investigate, escalate and proactively work to protect a globally recognised brand. You must have current hands on operational analytical security experience with Microsoft technology stack Someone with a SOC Analyst / security engineering background would be well suited. This position will join a small team and would suit someone that has broad experience across the security threat landscape. Experience / knowledge across industry GRC standards such NIST, ISO27001 etc very advantageous and a priority. You will work across multiple teams proactively working to secure the business. Must be able to commute to Central London 3 days a week. Visa sponsorship not available Apply today to find out more.
-
- Network / Security Infrastructure Engineer | West London | Permanent
- London
- N/A
-
Network / Security Infrastructure Engineer | West London | Current Config, Install, upgrade experience On prem / Datacetner experience essential. Hands on experience MUST include: Routing, Switching, Network Security (firewall, IDS etc), Microsoft exchange / Exchange 365. Scripting / automation experience wanted. Python, Powershell etc Regular travel to West London is required. Visa sponsorship not available. Apply today for more information chris.holt@dclsearch.com Use this whatapp link to reach out https://wa.me/message/6USF5RAQBOZIP1
-
- SailPoint File Access Manager Consultant/ Architect
- N/A
- discussed on applications
-
SailPoint File Access Manager (SailPoint FAM) Consultant/ Architect is required for an up coming projects, Ideally looking for someone with experience in Designing and deploying SailPoint FAM , this is a new Deployment, you will work with customer in the initial workshop phase, to understand requirements and to get the initial design, you will then be responsible for deploying the solution. This is a home based role, with some onsite visits required during the length of the project. We are looking for someone who has previous experience in Deploying SailPoint FAM (ideally done design work) Need to have experience with SharePoint and ideally Azure and Share file
-
- DV Cleared CyberArk Consultant- Contract
- City of London
- Upto £700 per day
-
CyberArk Consultant is needed to be responsible for leading the deployment of CyberArk solutions for this Secure government site You will work with customer, helping to create CyberArk Strategic Roadmaps, on-boarding accounts, product and process integration into the CyberArk Solution and Proviso of Installation and technical Documentation. We are looking for this individual to have experience in: In CyberArk deployment, and ideally leady the deployment both strategically and also technically for this project we need the consultant to hold current DV cleared status For the right individual this could be a long term project.