#cybersecurity | #hackerspace | Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding
Debuting at the RSA® Conference’s Launch Pad, the platform delivers adaptive user and machine-level policy enforcement to make a zero trust network model at scale a reality
NEW YORK and TEL AVIV – February 20, 2020 – Zero Networks (www.zeronetworks.com), the pioneer in zero trust network access, today unveiled the Zero Networks Access Orchestrator, the first network security platform that automatically defines, enforces and adapts user- and machine-level network access policies to create a continuous airtight zero trust network model, at scale. The company was named one of three finalists for the prestigious RSAC Launch Pad, where it will debut the platform, on February 26th, during the RSA Conference, the world’s leading information security conference.
Zero Networks also announced it has raised $4.65 million in seed funding, led by F2 Capital and Pico Venture Partners. This funding will be used to accelerate product development and hire key positions in engineering, marketing, sales and business development.
Assuming users and machines inside the network can be completely trusted leaves the door open for malicious insiders and hackers to do almost anything they want. Zero Networks minimizes these risks, with the click of a button, constraining access in the network to only what users and machines should be doing. The Zero Networks Access Orchestrator is the first of its kind to deliver:
- Autonomous policy enforcement – observes how users and machines normally communicate to automatically enforce a zero trust networking stance throughout your environment, with a two-factor authentication (2FA) mechanism to allow new or rare access, so users can always get what they need, when they need it.
- Airtight security – establishes least privilege access for each and every user and machine, so they can access only what they need, and nothing more. This provides a scalable and cost-efficient way for enterprises to establish user and machine-level perimeters that put an end to excessive allowances within the network. It also eliminates many internal attack vectors, such as network discovery, lateral movement, remote code execution and the introduction of commodity malware.
- Access control at scale – provides a single source for all network access policies, so the entire environment is protected from managed and unmanaged devices, at scale, with the click of a button. There are no agents to deploy and no policies for IT to configure or manage.
“Zero Networks is making a zero trust security model at scale a reality,” said Jonathan Saacks, managing partner from F2 Capital. “Their approach is a radical change for the market, but not a radical change for enterprises, which is why it is so effective,” added Tal Yatsiv, operating partner at PICO Venture Partners. “Enterprises can go about their business and lock down the access of each of their users and machines to only what they need, without agents, without intervention, and without disruptions.”
Zero Networks founders Benny Lakunishok and Jossef Harush came up with the Zero Networks Access Orchestrator when they saw the burden that IT and security teams face in trying to maintain real-time access requirements for all users and machines across their environment. With deep experience in cybersecurity, they knew there had to be a better, more scalable solution.
Mr. Lakunishok has been in cybersecurity for the past decade and was part of the leadership team of Aorato, which was acquired by Microsoft. Mr. Harush previously led the architecture and engineering team at CyberX. Together, they established Zero Networks to make it easy for enterprises to adapt and scale airtight, internal network access policies that keep attackers out and the business going.
The Zero Networks Access Orchestrator is currently being used by beta customers in the manufacturing, energy, retail and public sectors to defend their internal networks and will be commercially available at the end of Q1 2020.
About Zero Networks
Zero Networks automates the creation, enforcement and maintenance of zero trust network access policies for each user and machine to make a zero trust security model at scale a reality. The Zero Networks Access Orchestrator enables organizations to keep up with the changes in their dynamic environment and prevent breaches from impacting operations, so they can be confident their users and machines are able to go about their business and nothing more. With Zero Networks, there are zero hassles, disruptions or worries – there’s just trust. For more information, please visit www.zeronetworks.com or follow Zero Networks on LinkedIn at https://www.linkedin.com/company/zero-networks or Twitter at https://twitter.com/ZeroNetworks.
The post #cybersecurity | #hackerspace | Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding appeared first on National Cyber Security.
#cybersecurity | #hackerspace | NEW TECH: CyCognito employs offensive bot network to put companies a step ahead of attackers
When it comes to defending their networks, most companies have had it drilled into them, by now, that it’s essential to erect layered defenses.
For small- and mid-sized businesses, firewalls, antivirus suites and access management systems represent the entry stakes for participating in today’s digital economy. Security-mature SMBs go the next step and embrace incident response and disaster recovery planning, as well.
Meanwhile, large enterprises pour tens of billions of dollars annually into next-gen firewalls, EDR, DLP and IDS technologies, each system generating a fire-hose of threat feeds, with all of this threat intel flooding, hour-by-hour, into SIEMs, UEBAs and other analytics platforms.
And yet, after a couple of decades of piling up layer upon layer of defenses, catastrophic breaches persist — they’re occurring as often as ever, and causing more harm than ever. Threat actors simply seek out the endless fresh attack vectors arising as an unintended consequence of digital transformation. In short, layered defenses have turned out to be cheesecloth.
Acknowledging this, a few cybersecurity innovators are taking a different tack. Instead of offering up more layers of defense, they’ve slipped on the shoes of the attackers and taken an offensive approach to defending IT assets. One of the most single-minded of these security vendors is startup CyCognito.
The company was launched in Tel Aviv in 2017 by a couple of former Israeli military cyber ops attack specialists, Rob Gurzeev and Dima Potekhin. Gurzeev and Potekhin set out to mirror the perspective of threat actors — and then help companies tactically leverage this attackers’ view to shore up their porous networks.
“The attackers need only to find a single blind spot to gain entry – it’s like singling out the weakest zebra in the herd,” says Gurzeev, CyCognito’s CEO. “Defenders, meanwhile, have to guard everything all of the time, and most organizations have many more Internet pathways than they even know about, much less are taking steps to defend.”
CyCognito’s employment of a bot network is what struck me most after I sat down with the team and learned in more detail what they’re up to. They’re not just borrowing a few pages from the attackers’ handbook; they’re actually utilizing the bad guys’ core tool – botnets. They’ve set out to boldly redirect botnet-power towards helping, instead of exploiting, the good guys.
I first wrote about criminal botnets at USA TODAY in 2004. Botnets at the time were just emerging; they’ve since become entrenched as the engine that drives all of cybercrime. A bot is a computing nodule that strictly obeys instructions from a command and control server. A criminal botnet is a network of bots under control of an individual attacker.
Botnets are the nimble infrastructure that enables criminals to blast out massive ransomware and denial of service attacks and also to execute intricate advanced persistent threat (APT) hacks that play out over months and go very deep. Bots traditionally have arisen from compromised, or “pwned,” computing devices. Today bots are more often spun up as virtual instances of computing devices. Bad actors are spinning up these virtual bots by the million, utilizing computing resources sold, no questions asked, by the major cloud service providers, Amazon Web Services, Microsoft Azure and Google Cloud.
By contrast, CyCognito’s 60,000 nodule-strong bot network is comprised of computing instances distributed globally with the expressed intent to help enterprises protect themselves. Bots do what they’re told. CyCognito’s bot network actively crawls the Internet identifying and mapping all exposed IP assets, fingerprinting each asset. This is essentially identical to the ground-level crawling and probing reconnaissance tasks that criminal botnets perform every day.
Upon finding an exposed IT asset, say a web server or a gateway router, CyCognito can pinpoint the IP address, confirm what type of asset it is and check whether the asset has any open ports; it can even ferret out snippets of coding or text, such as a copyright, that indicates more granularly what specific functions the asset performs, who the asset belongs to and what other assets it communicates with.
CyCognito’s bots feed this ground-level intelligence back to an analytics platform, which makes correlations and may ask for more information. This results in an assessment of the business context surrounding each asset. “We’re building a live picture of what’s out there, not specifically looking for problems, at that stage,” explains Raphael Reich, CyCognito’s vice president of product marketing. “We’re collecting information to build associations between assets that other solutions miss: assets in the cloud, in subsidiaries, in third-party networks.”
Another thing about bots, they do what they’re told — for as long as they’re told to do it. Over the past couple of years, CyCognito’s botnet has surveilled and fingerprinted some 3.5 billion Internet-exposed IT assets, resulting in rich data sets that are fed into the company’s analytics. CyCognito has been able to map details of specific assets to thousands of organizations in much the way a criminal ring would do, which allows it to understand attackers’ easiest pathways i
Last November, the company released findings from an analysis it conducted to identify what it calls “shadow risk” – exposures that, for whatever reasons, enterprise IT and security teams are often blind to. Shadow risk creates attack vectors that are externally exposed to anyone with the skill and desire to go find them. The data reveals that a stunning percentage of organizations have a significant number of security blind spots, most often stemming from third-party and cloud interconnectivity. For instance, CyCognito’s research found:
• Organizations are unaware of as much as 75% of their attack surface.
• Some 82% of these hidden assets impact the organization’s cybersecurity posture and are managed by their cloud providers, partners or subsidiaries.
• Some 87% of organizations have critical exposures that are visible to attackers at a given point in time.
These findings are not at all surprising. Quite the opposite, they ring very true. Companies never found a way to stop intruders from breaching and plundering with impunity, even when all they had to defend were on-premises IT systems. Today we’re in the throes of digital transformation. Agility, speed, and modular transactions happen on the fly and in the cloud. This sets up a much more complex security challenge than setting up trip-wire alarms around an on-prem data center.
“Most organizations have expanded and broadly diversified their IT resources on-premises and in the cloud, making continuous monitoring and timely mitigation extremely challenging,” observes Potekhin, CyCognito’s CTO. “The inspiration for the CyCognito platform was the realization that the explosive growth in the numbers of threat actors and the sophistication of their tools has leapfrogged the capabilities of legacy security solutions and most of today’s enterprises, even those who are highly security-aware.”
What CyCognito has set out to do is outflank attackers and one of the results is a high-definition snapshot of the threat landscape, on any given day. That’s a major step forward. I hope they are able to trigger a new era of advances in the overall field of attack surface monitoring.
Meanwhile, as you might expect, the company has also designed its botnet and analytics platform to be available for hire — to drill down on individual companies’ IT assets. This can help companies identify and address open attack vectors — before the bad guys can get to them. “We looked to create a new class of solution to beat the attackers at their own game,” Gurzeev says. “It’s heartening that from Day One on our platform, customers are finding, assessing and closing open pathways.”
I expect layered defenses will continue to have a place, moving forward. But it’s going to be fascinating to see how adding a bit of offensive punch to defending networks catches on, and how much of a difference offensive security solutions will make, overall. I’ll keep watching.
Pulitzer Prize-winning business journalist Byron V. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be.
(LW provides consulting services to the vendors we cover.)
*** This is a Security Bloggers Network syndicated blog from The Last Watchdog authored by bacohido. Read the original post at: https://www.lastwatchdog.com/new-tech-cycognito-deploys-offensive-bot-network-to-put-companies-a-step-a-head-of-attackers/
Source: National Cyber Security – Produced By Gregory Evans by Dan Kobialka • Jan 14, 2020 WatchGuard Technologies, a network security hardware and services provider, now offers automated monthly billing for its WatchGuardONE FlexPay program, according to a prepared statement. That way, WatchGuardONE partners can purchase WatchGuard Subscriptions from participating distributors without upfront costs or […] View full post on AmIHackerProof.com
#cybersecurity | #hackerspace | Zeek is Like a Box of LEGO Bricks for Network Security [Q&A with Dr. Ali Hadi]
Source: National Cyber Security – Produced By Gregory Evans By day, Dr. Ali Hadi is a professor that teaches cybersecurity courses at Champlain College in Burlington, Vermont. At night, he researches various aspects of cybersecurity. It was his research and conference presentations around network security and the Zeek framework that caught our attention. So, we […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans If you’re lucky, the process will be automatic; you might even get alerts on your phone every time a firmware update gets applied, which usually happens overnight. If you’re unlucky, you might have to download new firmware from the manufacturer’s site and point your router towards […] View full post on AmIHackerProof.com
Source: National Cyber Security – Produced By Gregory Evans Smart DCC, the licence-holder building and managing the secure national infrastructure that underpins the roll-out of smart meters across the UK, has passed a milestone in its network capability, with the three millionth second-generation smart meter (SMETS2) attached to its smart network. The Capita subsidiary was […] View full post on AmIHackerProof.com
#school | #ransomware | New Jersey school district to delay opening due to ransomware attack – Shore News Network
An entire school district in New Jersey announced it will have delayed openings on Monday due to a ransomware attack.
#deepweb | Webscale Achieves Advanced Consulting Partner Status in the Amazon Web Services Partner Network
SUNNYVALE, Calif., Nov. 20, 2019 (GLOBE NEWSWIRE) — Webscale, the Digital Cloud Company, announced today that it is now an Advanced Consulting Partner in the Amazon Web Services (AWS) Partner Network (APN). The new designation underscores the company’s ability to rapidly migrate digital applications from static hosting environments to a fully managed cloud infrastructure in AWS. It also recognizes Webscale’s expertise in DevSecOps automation, and the company’s focus on providing availability, scalability, performance, and security in a simple-to-consume SaaS-based platform.
APN Consulting Partners help customers of all sizes design, architect, build, migrate, and manage their workloads and applications on AWS. To qualify for the APN Advanced Consulting Partner tier, partners must meet thorough requirements that demonstrate the scale of their AWS expertise, capabilities, and engagement in the AWS ecosystem, and showcase they have built strong AWS-based businesses.
“Achieving APN Advanced Consulting Partner status speaks volumes about the level of commitment and expertise that the Webscale team brings to every customer engagement,” said Sonal Puri, CEO at Webscale. “With our focus on the cloud for digital commerce – B2C, B2B, B2E – and our deep understanding of the needs of this segment as it relates to website infrastructure, our customers, both present and future, can enjoy peace of mind in knowing that they are selecting a proven team to help them leverage the cloud effectively and affordably.”
For more information on Webscale’s award-winning Digital Cloud platform, visit www.webscale.com.
Webscale, the Digital Cloud Company, is the leader in converged software for hyperscale cloud automation. Delivered as-a-Service, the Webscale platform allows businesses of all sizes to benefit from infinite scalability, load balancing, high performance, outage prevention, improved security, and simple management in multi-cloud environments, including Amazon Web Services (Advanced Consulting Partner in the AWS Partner Network), Google Cloud Platform (Google Cloud Platform Partner), and Microsoft Azure (Microsoft Partner Network). Webscale enables digital transformation for B2C, B2B, and B2E e-commerce and enterprise customers in seven countries and for seven of the Fortune 1000 businesses and seven of the Internet Retailer Top 500. The company is headquartered in Sunnyvale, CA, with offices in Boulder, CO, and Bangalore, India.
five years have seen the overhaul of some of cybersecurity’s biggest technology categories. Palo Alto Networks and the next-generation firewall market upended the network security market, companies like Splunk turned SIEM on its head, and next-generation endpoint technology from companies like Crowdstrike and Cylance changed the game for endpoint security.
transformations take hold in the market, the question becomes: what comes next? Which technology will be the next one to be revolutionized?
category most likely to be disrupted is network segmentation, which allows companies to split their main network into smaller sub-networks to mitigate risks. From a cybersecurity perspective, this means you can have networks with sensitive finance data or customer credit card information on a totally separate network from potential entry points for attack, like an employee’s laptop or your smart building technology.
network segmentation isn’t new, it hasn’t been as widely adopted across the enterprise. Some of this can be credited to shortcomings of existing technologies for today’s companies, such as difficulty to implement in environments outside of the data center or blind spots like unmanaged devices.
are a few signs already that the technology is ready for a revamp. Hackers continue to penetrate company networks, and the ease with which they can move laterally across the network means they are able to cause greater havoc to an organization. Companies are also facing new, more complex compliance requirements and greater risk overall as the attack surface grows due to a rising volume and diversity of devices, including IoT and operational technology (OT) devices. Network segmentation is one way that companies can better handle some of these challenges, or at least limit their risk.
As part of any coming transformation, our industry needs to shift our thinking about what we want from the next generation of network segmentation tools and consider some of the qualifications for these technologies.
should make sure we are getting the full context of all devices and applications you might want to segment across the full extended enterprise, from campus to data center to cloud and OT environments. Without knowing that context as a baseline, you won’t know what or how to segment. The more granular that context, the more helpful it can be. For instance, it is helpful to know if a camera is a surveillance camera or a teleconferencing camera because you might want different types of policies for each type.
are challenged when they only get that context in pieces. They may know device types or applications for the data center, which is generally easier because devices are more straightforward, but not across the entire enterprise. But they will need this data as the foundation if they want to apply network segmentation effectively and more broadly.
future of network segmentation needs traffic context. Very few organizations have the luxury of building their network entirely from scratch. Instead, they’re more likely to be layering network segmentation on top of existing networks. To do that effectively, you need to know what is talking to what. You also need to know what counts as legitimate traffic, as in what should be talking to what. If you don’t have visibility into that, you can’t have full confidence that you can enforce network segmentation rules without breaking
organizations will be able to use all that context information to create and enforce policies. This is the step that will take us to the next generation of network segmentation. It will set boundaries across the network, segmenting it so devices and applications can only access the data they need and so the blast radius of an attack is contained inside a limited area.
important thing to note about this final step is that it will likely always be an iterative process. The enforcement of the policies should be dynamic and automated, taking the device and traffic context and using that to stay up-to-date with today’s rapidly changing networks. Older policies may need to be updated to take into account a changing environment. It should also be orchestrated across multiple technologies to account for varying infrastructure, like campus switches, firewalls, SDN infrastructure, and public cloud infrastructure. All of these nuanced changes are possible if you have deep context into the environment. Ideally, we could also simulate these changes ahead of time, so security personnel could test out policies as they create them to see how they might impact the network before they are put into action. You don’t want to break something in the process!
doesn’t have an easy job. They are grappling with how to get a handle on a growing number of cybersecurity threats, as well as reduce overall risk and meet compliance mandates. The network segmentation technologies of tomorrow might help address those pain points and reduce the scope of an attack. Data breaches are unfortunately a matter of when, not if, for all companies. With that in mind, it is more important than ever to focus on finding new ways to innovate and limit the risk and scope of damage an attack might pose.
The post #cybersecurity | hacker | Why network segmentation is ready for an overhaul appeared first on National Cyber Security.
Source: National Cyber Security – Produced By Gregory Evans A vulnerability detected in Amazon doorbell cameras made it possible for hackers to gain access to the owner’s household computer network. The weakness in the Ring Video Doorbell Pro IoT device was discovered by researchers at Bitdefender in June of this year. Researchers found that the credentials of […] View full post on AmIHackerProof.com