Enterprise Security, Platform Security, Software Security
Business Wire | August 10, 2023
Abnormal Security, the leading behavioral AI-based email security platform, today announced CheckGPT, used to detect AI-generated attacks. The new capability determines when email threats, including business email compromise (BEC) and other socially-engineered attacks, have likely been created using generative AI tools.
Cybercriminals are constantly evolving their attack tactics to evade detection by security defenses, and generative AI is the newest weapon in their arsenal. Using tools like ChatGPT or its malicious cousin WormGPT, threat actors can now write increasingly convincing emails, scaling their attacks in both volume and sophistication. In its latest research report, Abnormal observed a 55% increase in BEC attacks over the previous six months—with the potential for volumes to increase exponentially as generative AI becomes more widely adopted.
“The degree of email attack sophistication is going to significantly increase as bad actors leverage generative AI to create novel campaigns,” said Karl Mattson, chief information security officer at Noname Security. “It's not reasonable that each company can become an AI security specialty shop, so we're putting our trust in Abnormal to lead the way in that kind of advanced email attack detection.”
Unlike traditional email security solutions, Abnormal takes a radically different approach to stopping advanced email attacks, making it particularly well-suited to the challenge of blocking AI-generated attacks. The unique API architecture ingests thousands of diverse signals to build a baseline of the known-good behavior of every employee and vendor in an organization based on communication patterns, sign-in events and thousands of other attributes. It then applies advanced AI models including natural language processing (NLP) to detect abnormalities in email behavior that indicate a potential attack.
After initial email processing, the Abnormal platform expands upon this classification by further processing email attacks to understand their intent and origin. The CheckGPT tool leverages a suite of open source large language models (LLMs) to analyze how likely it is that a generative AI model created the message. The system first analyzes the likelihood that each word in the message has been generated by an AI model, given the context that precedes it. If the likelihood is consistently high, it’s a strong potential indicator that text was generated by AI.
The system then combines this indicator with an ensemble of AI detectors to make a final determination on whether an attack was likely to be generated by AI. As a result of this new detection capability, Abnormal recently released research showing a number of emails that contained language strongly suspected to be AI-generated, including business email compromise and credential phishing attacks.
“As the adoption of generative AI tools rises, bad actors will increasingly use AI to launch attacks at higher volumes and with more sophistication,” said Evan Reiser, chief executive officer at Abnormal Security. “Security leaders need to combat the threat of AI by investing in AI-powered security solutions that ingest thousands of signals to learn their organization’s unique user behavior, apply advanced models to precisely detect anomalies, and then block attacks before they reach employees. While it’s important to understand whether an email was generated by a human or AI to understand and stay ahead of evolving threats, the right system will detect and block attacks no matter how they were created.”
About Abnormal Security
Abnormal Security provides the leading behavioral AI-based email security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails and messages in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly, with additional protection available for Slack, Teams, and Zoom. More information is available at abnormalsecurity.com.
Data Security, Platform Security
GlobeNewswire | August 31, 2023
Laminar, the leading data security posture management (DSPM) company, recently acquired by Rubrik, the Zero Trust Data Security™ Company, today announced that it has added support for Microsoft OneDrive and Google Drive. Customers can now use Laminar to continually discover overexposed and unprotected sensitive data in OneDrive and Google Drive, enabling proactive risk remediation and data leak detection. With this expanded support, organizations can safeguard sensitive data across their entire digital landscape, including major cloud service providers Amazon Web Services (AWS), Google Cloud Platform (GCP), and Microsoft Azure as well as Snowflake, BigQuery, and other SaaS applications.
As organizations increasingly leverage cloud file-sharing services like Google Drive and OneDrive for seamless data sharing and storage, the potential risks associated with data breaches, unauthorized access, and compliance violations have grown significantly. Data security and governance teams’ limited visibility into the contents of these files can lead to unprotected sensitive data. Additionally, unintentional file sharing and incorrect permissions can lead to oversharing internally and externally.
To address these challenges, the Laminar Data Security Platform takes an agnostic approach to data security; discovering, classifying, and securing sensitive data as it moves across an organization’s digital environment, including collaborative cloud-based services. Laminar provides secure scanning, ensuring data is not removed from the customer environment. With the platform, data security and governance teams can see and secure enterprise data consistently across the entire digital landscape.
"Today’s businesses are powered by cloud file-sharing services, which enable easy and rapid collaboration. This is why it is so critical to have a comprehensive approach to data security, so as to not leave these important files unprotected. With the integration of Microsoft OneDrive and Google Drive support into the Laminar Data Security Platform, we believe this is a giant step towards solving this sensitive data security challenge," said Amit Shaked, CEO and co-founder at Laminar. "We recognize that data security is a collective responsibility, encompassing every individual within an organization. Laminar is now positioned to provide an agile platform that safeguards sensitive information, no matter where it resides or whether it's utilized by developers, data scientists, or any employee across an organization."
The news follows the acquisition of Laminar by Rubrik, the Zero Trust Data Security Company™. Together, Rubrik and Laminar create the industry’s first complete cyber resilience offering of its kind bringing together cyber recovery and posture across enterprise, cloud, and SaaS.
Laminar, a Rubrik company, combines cloud-native design with deep security expertise to provide the visibility and control organizations need to protect their most sensitive data. The Laminar Data Security Platform continuously discovers and classifies cloud data, structured and unstructured, across managed and self-hosted data stores, including unknown shadow data, without the data ever leaving your environment. It analyzes access, usage patterns, and security posture, and provides actionable, guided remediation for data security risk. Together, Rubrik and Laminar enable organizations to be even more proactive in the fight against cyberattacks and provide businesses with a complete cyber resilience solution.
Rubrik is a cybersecurity company. We are the pioneer in Zero Trust Data Security™. Companies around the world rely on Rubrik for business resilience against cyber attacks, malicious insiders, and operational disruptions. Rubrik Security Cloud, powered by machine intelligence, enables our customers to secure data across their enterprise, cloud, and SaaS applications. We automatically protect data from cyber attacks, continuously monitor data risks, and quickly recover data and applications.
Platform Security, Software Security, Cloud Security
PR Newswire | August 02, 2023
Legit Security, a cyber security company with an enterprise Application Security Posture Management platform that secures application delivery and protects an organization's software supply chain from attack, today announced a partnership with CrowdStrike, a global leader in cloud-delivered protection of endpoints, cloud workloads, identity and data protection. With this partnership, Legit Security integrates with the CrowdStrike Falcon® platform to provide extended application security, auto-discovery, and vulnerability management. Leveraging the two solutions, customers can automatically trace cloud application vulnerabilities back to their code origin and more rapidly prioritize and remediate security issues leveraging deep application context.
With the need for frequent software releases, DevOps and modern CI/CD pipelines have left security teams struggling to secure their cloud applications in the face of increasing threats. Within these constantly changing development environments, legacy security approaches fall short with high levels of noise and alerts, making it difficult to quickly prioritize cloud application vulnerabilities and identify the root cause. Compounding the challenge, organizations lack real-time application security posture management across their CI/CD pipelines and pre-production development environments as software supply chain attacks continue to grow dramatically.
With Legit Security's integration with the Crowdstrike Falcon® platform, security teams can quickly see where vulnerabilities discovered in production applications originated, and where vulnerabilities discovered in code get deployed. Legit Security ingests security data across cloud workloads from the CrowdStrike Falcon platform to identify and trace the source of vulnerabilities and accelerate triage and prioritization of issues based on context and severity.
"Cloud application security is a top priority, however enterprises need to balance security with an ability to improve productivity and do more with less," said Roni Fuchs, CEO and co-founder, Legit Security. "Instantly tracing cloud application security vulnerabilities back to their source with full context regarding the application, its software supply chain, and code origination can dramatically improve remediation time and productivity for both security and development teams. Now listed in the CrowdStrike Store, Legit Security's offering allows customers to easily find information on our integration to ultimately gain dramatic improvements in risk scoring, security issue classification and prioritization, and get the most out of their valuable security resources."
About Legit Security
Legit Security provides application security posture management platform that secures application delivery from code to cloud and protects an organization's software supply chain from attack. The platform's unified application security control plane and automated SDLC discovery and analysis capabilities provide visibility and security control over rapidly changing environments and allow security issues to be prioritized based on context and business criticality to improve security team efficiency and effectiveness.