Many companies are offering free cybersecurity tools and resources to help organizations during the COVID-19 coronavirus outbreak.
Tens of companies have announced over the past weeks that they are offering free tools and services to organizations impacted by the pandemic. However, some experts have cautioned about these offers.
“A word of caution to businesses (especially SMBs): Beware of companies offering generous freebies in these uncertain economic times,” Ryan Naraine, Director of Security Strategy at Intel, warned in a post on LinkedIn. “There’s always the understandable temptation to stretch budgets and pick up some freebies and giveaways.”
Make these decisions wisely, for a few reasons:
You likely don’t need this ‘free’ solution and you’ll absorb some costs integrating and implementing any new tech or tool.
It will be difficult and expensive to rip-and-replace it later. Deliberately so. Don’t be stuck paying for something you don’t need (see below) just because someone gave it to you for free a year ago…
The bill *will* come due one day. Remember, it’s never ever free.
SecurityWeek has selected a few of the tools and resources offered for free. We have confirmed with most of the vendors that users who sign up for their offer do not have to commit to anything.
ImmuniWeb – Web Security Package
ImmuniWeb is offering companies that are moving operations online $500,000 worth of services. Companies that qualify will be helped in identifying their external attack perimeter, measuring security and compliance risks, conducting PCI DSS and GDPR audits for business-critical applications, finding compromised credentials, and implementing continuous security monitoring. In addition, ImmuniWeb has removed some limits on its already-free services to help organizations that will not qualify for its offer.
Cloudflare – Cloudflare for Teams
Cloudflare is offering Cloudflare for Teams for free for at least the next 6 months. The solution is designed to enable remote workers to operate securely and help organizations secure devices, networks and internal applications.
Netscout – Threat Intelligence Portal
Netscout is providing free access to its Cyber Threat Horizon threat intelligence portal, which offers network and security operators visibility into DDoS attacks in real time. The service collects, analyzes and prioritizes data on past and emerging threats. For research and analysis purposes, users can access historical data dating back to 2003.
Zix-AppRiver – Secure Messaging Service and Microsoft 365 Audit Tool
Zix-AppRiver says businesses can use its Healthyemail encrypted messaging service and its Microsoft 365 security audit tool for free. Healthyemail allows users to send messages and large files securely, while the audit tool scans for vulnerabilities within Microsoft 365. The offer is currently not limited to a certain period of time.
Cyber Risk Aware – Free Phishing Test
Cyber Risk Aware is offering a free phishing test that organizations can use to test their staff, including against recently added COVID-19-themed phishing lures. The company is also providing a free training course on “Cyber security outside the office.”
PhishCloud – Phishing Protection
PhishCloud is offering its PhishCloud Lite package for free for one year. The product is designed to show employees which links are safe or unsafe when they surf the web.
Tufin – Firewall Change Tracker
Tufin is offering a free tool called the Tufin Firewall Change Tracker, which provides organizations real-time visibility into firewall rule changes. Security teams can use the tool to view multi-vendor firewall changes in real time, including who changed what and when. The tool works with physical, virtual, cloud or on-premises firewalls.
1Password – 1Password Business
1Password is offering its 1Password Business password manager free for 6 months. Until now the trial period was only 30 days and under normal circumstances the solution costs $8 per user per month.
Microsoft – Zero Trust Assessment Tool
Microsoft is offering a free zero trust assessment tool designed to help organizations determine where they are in their journey to implement a zero trust security model. This security model, which assumes that every request originates from an uncontrolled network, can be highly useful for preventing unauthorized access to corporate systems while most employees work from home.
Odo Security – Remote Access Solution
Odo Security is offering free subscriptions to its secure remote access solution, OdoAccess. The offer is available to organizations affected by the coronavirus crisis if they register before June 1. For additional information, companies can reach out to Odo via email at info(at)odo.io.
SANS – Security Awareness Work-from-Home Deployment Kit
SANS is offering a Security Awareness work-from-home deployment kit that includes useful information for both organizations and individuals. The kit includes a comprehensive step-by-step guide for securing a company’s remote workforce, employee training recommendations, tips and videos.
Untangle – Cybersecurity Resources
Untangle has set up a COVID-19 resource center that provides a free library of resources that can help organizations secure their network and their employees while they work from home.