 

New Tech

 

NEW TECH: Brinqa takes a ‘graph database’ approach to vulnerability management, app security

By Byron V. Acohido

Imposing just the right touch of policies and procedures towards mitigating cyber risks is a core challenge facing any company caught up in digital transformation.

Related: Data breaches fuel fledgling cyber insurance market

Enterprises, especially, tend to be methodical and plodding. Digital transformation is all about high-velocity innovation and on-the-fly change. The yawning gap between the two is where fresh attack vectors are arising, creating a candy-store environment for threat actors.

Brinqa, an Austin, TX-based security vendor, has come up with a cyber risk management platform designed to help companies take a much more dynamic approach to closing that gap, specifically in the areas of vulnerability management and application security, to start.

Brinqa was founded in 2009 by Amad Fida and Hilda Perez, industry veterans seeking to leverage their collective expertise in risk management and identity and access management. Early on, a customer of their cyber risk management solution asked if they could assess a physical location, down to the fire extinguishers.

An early version of their platform was already live. But that assignment led Fida and Perez to re-architect the platform around graph databases and knowledge graphs. It was an approach they felt would be flexible enough to keep up with rapidly-evolving enterprise technology infrastructure.

I had the chance at RSA 2019 to meet with Syed Abdur, Brinqa’s director of products, who provided more background. For a full drill down, please give a listen to the full Last Watchdog interview via the accompanying podcast. Here are the key takeaways:

Blistering pace

On-premises data centers look to remain a big part of hybrid cloud networks, going forward, and keeping these systems up to date, with respect to vulnerability patching, isn’t getting easier.

By many measures, the vulnerability management challenge companies face is getting steeper. The National Institute of Standards and Technology’s National Vulnerability Database logged around 14,000 unique vulnerabilities, up from 13,000 in 2017 and 6,000 in 2016. …more

NEW TECH: Critical Start delivers managed security services with ‘radical transparency’

By Byron V. Acohido

It was in 2012 that CRITICALSTART burst onto the Managed Security Service Provider (MSSP) scene with bold intentions.

Related: How SMBs can leverage threat intelligence.

The Plano, TX-based company sought to elevate the “MSSP” space high above the accepted standard at the time. It set out to do this by delivering security services that were based on Zero-Trust and that also provided radical transparency to its customers.

CRITICALSTART has since grown to 105 employees, serving hundreds of customers. In 2018, revenues generated by its core Managed Detection and Response (MDR) service grew 300 percent as compared to 2017.

What struck me most as I prepared to meet up with Jordan Mauriello, CRITICALSTART’s VP of Managed Services, was how the company has been able to stick to its guns providing Zero-Trust and “radical transparency” to its customers.

No one in the cybersecurity community would dispute the fact that widely sharing intel detailing what the bad guys are doing, as well as measures that prove effective in deterring them, should be standard practice – for the greater good.

However, in reality, competitive instincts still get in the way all too often. It was with this in mind that I met with Mauriello at RSA 2019, and he walked me through the path CRITICALSTART has successfully navigated. For a full drill down, give a listen to the accompanying podcast. Here are key takeaways:

Foundation of trust

Radical transparency isn’t a new thing, but we are seeing it more in security, as well as an increase in the need for a Zero-Trust model. Mauriello observed that companies shopping for contracted security services are open to taking a trust-but-verify approach, and are looking for service providers to build that trust foundation by operating out in the open. …more

NEW TECH: ‘Network Traffic Analysis’ gets to ground truth about data moving inside the perimeter

By Byron V. Acohido

Digital transformation is all about high-velocity innovation. But velocity cuts two ways.

Related: Obsolescence creeps into perimeter defenses

Yes, the rapid integration of digital technologies into all aspects of commerce has enabled wonderful new services. But it has also translated into an exponential expansion of the attack surface available to cyber criminals.

This has led us to the current environment in which security threats are multiplying even as network breaches grow costlier and more frequent.

However, a newly-minted security sub-specialty — christened Network Traffic Analysis, or NTA, by Gartner — holds some fresh promise for getting to the root of the problem. I had the chance to sit down at RSA 2019 with ExtraHop Networks, a Seattle-based supplier of NTA systems.

ExtraHop’s CISO Jeff Costlow walked me through what’s different about the approach NTA vendors are taking to help companies detect and deter leading-edge threats. For a drill down, give a listen to the accompanying podcast. Key takeaways:

NTA’s distinctions

Software development today routinely occurs at high velocity in order to build the digital services we can’t live without. Modular microservices, software containers and orchestration tools get spun up, using open source components; all of this mixing and matching occurs in the internet cloud, keeping things moving right along.

The inevitable security gaps that get created as part of this highly dynamic process have been getting short shrift, in deference to shipping deadlines. It’s not as though legacy security vendors are asleep at the wheel; they’ve been applying machine learning and AI to the output of SIEMs, firewalls, intrusion detection and other traditional security products designed to filter and detect malicious traffic directed at, and coming through, the perimeter. …more

NEW TECH: CloudKnox takes aim at securing identity privileges for humans — and non-humans

By Byron V. Acohido

Companies are embracing hybrid cloud deployments like never before, mixing and matching on-premises IT systems with off-premises cloud services.

Related: Machine identities present wide open attack vector

To accomplish this, they must grant and manage access privileges to human identities: remote employees, third-party suppliers and far-flung customers.

Arguably even more vital is the granting of access privileges to thousands more non-human identities – the service accounts that connect modular coding components, like the microservices, software containers and APIs that make up the stretchable fabric of cloud services.

Without this provisioning of access privileges to human and non-human identities, hybrid cloud commerce would not be possible. And yet, somehow, hybrid deployments have gained wide adoption without fully accounting for an entire new tier of identity risks.

This exposure stems from companies losing track of identities and overprovisioning privileges. CloudKnox Security, a Sunnyvale, CA-based security vendor, launched last October specifically to help companies more effectively manage human and non-human identity privileges in the brave new world of hybrid networks.

I had a chance at RSA 2019 to visit with company founder and CEO Balaji Parimi. For a drill down, give a listen to our full interview via the accompanying podcast. A few key takeaways:

Multiplying privileges

Remember the old problem of Microsoft shipping Windows server software with weak administrator passwords as the default? Take that systemic security weakness, put it on steroids, and you get a sense of the exposure lurking in identities today.

For instance, on the human side of things, Parimi informed me that there are 7,800 distinct privileges, or unique actions, granted to administrators across Amazon Web Services, Microsoft Azure, Google Cloud and VMware vSphere.

And then there are orders of magnitude more non-human identities to worry about. “With DevOps, when you check-in your code, it automatically gets built and created into production. All of this is done with a service account, …more