
NEW TECH: Acalvio weaponizes deception to help companies turn the tables on malicious hackers

By Byron V. Acohido

Differentiating itself in a forest of cybersecurity vendors has not been a problem for start-up Acalvio Technologies. While hundreds of other security companies tout endless types and styles of intrusion detection and prevention systems, Acalvio has staked out turf in a promising new sub-segment: deception-based security systems.

Related article: Hunting for exposed data

Launched in 2015 by a group of cybersecurity veterans, the Santa Clara, Calif.-based start-up has 50 employees and has raised $22 million in venture capital financing to date. It has achieved this by pioneering technology that lies in wait for intruders who manage to get inside a company’s firewall, and then leads them down a path rife with decoy systems and faux data.

I had the chance to visit with Acalvio marketing chief, Rick Moy, at RSA Conference 2018. For a drill down on our conversation please listen to the accompanying podcast. Here are a few high-level takeaways:

Changing tactics

Deception is an age-old stratagem. Animals and insects use it to survive in the wild. Warring nations use it to gain tactical advantage over each other. Cybercrime and cyber warfare, no surprise, largely revolve around deception. Phishers deceive to gain trust; hackers deceive to avoid detection. …more

How ‘identity governance’ addresses new attack vectors opened by ‘digital transformation’

By Byron V. Acohido

Mark McClain and Kevin Cunningham didn’t rest for very long on their laurels, back in late 2003, after they had completed the sale of Waveset Technologies to Sun Microsystems. Waveset at the time was an early innovator in the then-nascent identity and access management (IAM) field.

The longtime business partners immediately stepped up planning for their next venture, SailPoint Technologies, which they launched in 2005 to pioneer a sub-segment of IAM, now referred to as identity governance. Today SailPoint has 800-plus employees and growing global sales.

Related article: What the Uber hack tells us about DevOps exposures

The company is coming off a successful initial public offering last November in which it raised $240 million. SailPoint’s share price has climbed from the mid-teens to the mid-twenties since its IPO.

I had the chance to visit with McClain, SailPoint’s CEO (Cunningham serves as chief strategy officer), at RSA Conference 2018. We had an invigorating discussion about how “digital transformation” has intensified the urgency for organizations to comprehensively address network security, and how identity governance is an important piece of that puzzle. For a full drill down, please listen to the accompanying podcast. Here are excerpts edited for clarity and space:

LW: Your focus is on helping companies do much better at a fundamental security best practice.

McClain: Exactly. Within the big realm of security, we’re within the realm of identity, which is getting a lot of airtime these days. And within identity, our focus is on what’s called identity governance . . . The company has been around for a while now. We work in almost every industry vertical and focus on mid-sized enterprises with 2,000 to 3,000 employees all the way to the largest global enterprises in the world. …more

PODCAST: Netsparker advances penetration testing 2.0 – automated web app vulnerability scanning

By Byron V. Acohido

A dozen years ago, or so, Ferruh Mavituna was doing very well as a lead penetration tester at a prominent cybersecurity consultancy when his frustration level began to spike.

Mavituna had access to the best tools available to hunt down latent vulnerabilities in web applications. And yet, all too often for Mavituna’s tastes, the tools spat out “false positives” – false alerts to vulnerabilities that really did not exist. Or sometimes the tools would simply overlook security holes that would later surface.

Related article: Cross-site scripting attacks plague web apps.

Believing he could do much better, Mavituna spent a few years doing R&D and then in 2009 launched Netsparker to introduce a new type of automated web vulnerability scanner. Today Netsparker’s automated scanner is used by the likes of Samsung, NASA, Skype, ING and Ernst & Young.

I had a chance to visit with Mavituna at RSA Conference 2018 recently in San Francisco. The company, which is headquartered in the U.K., had just announced receipt of $40 million in financing from Turn/River Capital, a San Francisco-based growth and private equity fund. The cash infusion will be used to accelerate marketing and expand into more geographical markets.

Just last week, Netsparker received the prestigious Queen’s Award for Enterprise. To qualify, the company had to demonstrate steep year-on-year growth in overseas sales three years running, or substantial year-on-year growth over six years. …more

PODCAST: Can ‘gamification’ of cyber training help shrink the human attack vector?

By Byron V. Acohido

The human attack vector remains the most pervasively probed path for malicious hackers looking to gain a foothold inside a company’s firewall.

And yet, somehow, cyber awareness training has not kept pace. Circadence hopes to change that. The Boulder, Colo.-based company got its start in the gaming industry 20 years ago, shifted to supplying cyber warfare training ranges to the military, and now is making a push to help companies add truly effective employee cyber awareness training as a key component to keeping their networks safe.

Related article: Why employee cyber training needs an overhaul

For years, teachers told us that learning can be fun. Circadence is taking that philosophy and running with it. The company is seeking to adapt “gamification” technologies to employee cyber awareness training. If it succeeds, it could help set a new paradigm for addressing the “people” component of defending networks.

I had the chance to converse with Keenan Skelly, Circadence vice president of global partnerships and security evangelist, at RSA Conference 2018 in San Francisco. For a drill down on our discussion, give a listen to the accompanying podcast. Here are a few high-level takeaways:

Gamers’ edge

Circadence got its start in the early 1990s as a publisher of one of the earliest massively multiplayer games. It turned out that the company’s expertise in generating and displaying complex graphics and getting high fidelity data from point A to point B in fantasy landscapes had a very useful real-world application – helping U.S. military operatives maintain an edge while engaging in ongoing cyber warfare. …more

PODCAST: How managing ‘privileged accounts’ can help make ‘digital transformation’ more secure

By Byron V. Acohido

One of the most basic things a company can do to dramatically improve its security posture is to keep very close track of who has what access to which privileged accounts inside the company firewall.

This is a best practice of privileged account management, which is a burgeoning sector of the identity and access management (IAM) field. For a variety of reasons, IAM is once again becoming acutely problematic.

Related article: Why savvy companies lock down privileged access

Not nearly enough attention was paid to IAM best practices when we first cobbled together digital business systems 20 years ago — and then piggybacked them onto the Internet. In general, the corporate world still is not very good at enforcing policies that ensure only the proper people have access to an organization’s technology resources.

And now the “digital transformation” of corporate networks is steamrolling downhill. As we meld legacy company systems to cloud services, IAM exposures are flaring up once again. A recent survey of IT organizations in the U.S. and Europe by Atlanta-based security vendor Bomgar found that risky employee password-usage practices continue to be a challenge for a majority of organizations.

Bomgar was founded in 2003 by Joel Bomgar, who was then a college student moonlighting as a techie contractor helping companies update and manage their Windows computers. One day Bomgar realized he was losing valuable time driving from client to client to resolve simple issues. So he developed his own proprietary solution to access his clients’ computers, and began providing his services remotely.

That quickly evolved into a platform of solutions that allow IT administrators and security professionals to securely manage access to systems and privileged accounts. Bomgar (the company) subsequently emerged as a leading provider of IAM and security solutions and has grown to more than 300 employees with offices in five countries. …more

PODCAST: That crumbling sound you hear is obsolescence creeping into legacy security systems

By Byron V. Acohido

For more than 20 years companies have, by and large, bought into the notion that they must take a “defense in depth” approach to network security. The best way to curtail network breaches, companies were told, was to erect strong perimeter firewalls, and then pile on dozens of layers of defenses on endpoint devices, databases, servers and applications.

Related article: Machine learning perfectly suits security analytics

Say goodbye to defense in depth as it swirls down the drain pipe to obsolescence; there is a tectonic shift in the way companies have begun to assemble and use corporate networks. This shift, in turn, has pushed legacy security defenses to the edge of the cliff where they are teetering at the brink of obsolescence.

I had an engrossing and enlightening conversation about this with Jesse Rothstein, CTO of ExtraHop, at the RSA Conference 2018 in San Francisco last week. Rothstein and Raja Mukerji formerly were senior software architects at F5 Networks, the network switching systems supplier that competes against Cisco and Juniper Networks.

One day, Rothstein and Mukerji began noodling a simple question: at a time of unprecedented scale, complexity, and dynamism, how do companies gain an actionable understanding of their IT environments? The answer: they don’t.

So, Rothstein and Mukerji co-founded ExtraHop in 2007 to help companies do just that. By 2014, the company closed a $41 million round of Series C financing, and today has 350 employees delivering network diagnostics and security analytics systems. …more

PODCAST: How freeing security analysts from repetitive tasks can turbo boost SOCs

By Byron V. Acohido

It wasn’t too long ago that security start-up Demisto was merely a notion bantered over at a coffee break. While working at McAfee, Slavik Markovich and Rishi Bhargava would sip espresso and discuss the challenges companies faced getting more effective protection from their Security Operation Centers, or SOCs.

Related article: How MSSPs can help small and mid-sized businesses

They took it a step further by polling security professionals. The feedback they got was consistent. The security pros reported that, despite having invested heavily in SOCs, their organizations continued to struggle making productive sense of endless signals from overlapping detection systems, even as the volume of cyber attacks continues to intensify. What’s more, the shortage of skilled security analysts available to try …more