Enterprise Security, Platform Security, Software Security
Business Wire | August 10, 2023
Abnormal Security, the leading behavioral AI-based email security platform, today announced CheckGPT, used to detect AI-generated attacks. The new capability determines when email threats, including business email compromise (BEC) and other socially-engineered attacks, have likely been created using generative AI tools.
Cybercriminals are constantly evolving their attack tactics to evade detection by security defenses, and generative AI is the newest weapon in their arsenal. Using tools like ChatGPT or its malicious cousin WormGPT, threat actors can now write increasingly convincing emails, scaling their attacks in both volume and sophistication. In its latest research report, Abnormal observed a 55% increase in BEC attacks over the previous six months—with the potential for volumes to increase exponentially as generative AI becomes more widely adopted.
“The degree of email attack sophistication is going to significantly increase as bad actors leverage generative AI to create novel campaigns,” said Karl Mattson, chief information security officer at Noname Security. “It's not reasonable that each company can become an AI security specialty shop, so we're putting our trust in Abnormal to lead the way in that kind of advanced email attack detection.”
Unlike traditional email security solutions, Abnormal takes a radically different approach to stopping advanced email attacks, making it particularly well-suited to the challenge of blocking AI-generated attacks. The unique API architecture ingests thousands of diverse signals to build a baseline of the known-good behavior of every employee and vendor in an organization based on communication patterns, sign-in events and thousands of other attributes. It then applies advanced AI models including natural language processing (NLP) to detect abnormalities in email behavior that indicate a potential attack.
After initial email processing, the Abnormal platform expands upon this classification by further processing email attacks to understand their intent and origin. The CheckGPT tool leverages a suite of open source large language models (LLMs) to analyze how likely it is that a generative AI model created the message. The system first analyzes the likelihood that each word in the message has been generated by an AI model, given the context that precedes it. If the likelihood is consistently high, it’s a strong potential indicator that text was generated by AI.
The system then combines this indicator with an ensemble of AI detectors to make a final determination on whether an attack was likely to be generated by AI. As a result of this new detection capability, Abnormal recently released research showing a number of emails that contained language strongly suspected to be AI-generated, including business email compromise and credential phishing attacks.
“As the adoption of generative AI tools rises, bad actors will increasingly use AI to launch attacks at higher volumes and with more sophistication,” said Evan Reiser, chief executive officer at Abnormal Security. “Security leaders need to combat the threat of AI by investing in AI-powered security solutions that ingest thousands of signals to learn their organization’s unique user behavior, apply advanced models to precisely detect anomalies, and then block attacks before they reach employees. While it’s important to understand whether an email was generated by a human or AI to understand and stay ahead of evolving threats, the right system will detect and block attacks no matter how they were created.”
About Abnormal Security
Abnormal Security provides the leading behavioral AI-based email security platform that leverages machine learning to stop sophisticated inbound email attacks and dangerous email platform attacks that evade traditional solutions. The anomaly detection engine leverages identity and context to analyze the risk of every cloud email event, preventing inbound email attacks, detecting compromised accounts, and remediating emails and messages in milliseconds—all while providing visibility into configuration drifts across your environment. You can deploy Abnormal in minutes with an API integration for Microsoft 365 or Google Workspace and experience the full value of the platform instantly, with additional protection available for Slack, Teams, and Zoom. More information is available at abnormalsecurity.com.
Read More
Enterprise Security, Platform Security, Software Security
Business Wire | July 31, 2023
Identiv, Inc. (NASDAQ: INVE), a global leader in digital security and identification in the Internet of Things (IoT), introduces Primis, a suite of access control solutions designed for every security need. Primis offers secure, affordable, and ready-to-use security solutions straight out of the box, streamlining access control for businesses of all sizes.
The suite features Primis on-premises access control, Primis Cloud, Primis Mobile, and the EG-2 controller. By transforming traditional physical access control systems into user-friendly, cyber-secure solutions, Primis simplifies security.
Ideal for small to medium-sized setups, the Primis suite ensures quick installation, minimal training, and easy maintenance. It delivers superior security and reliability at the lowest possible cost, already proven across over 500 deployments to date.
“Primis isn't your parent's access control. It's designed for today's SMBs and future-focused organizations; this is our vision for the future of access control where complexity is no barrier and where high security is accessible to everyone,” said Mike Taylor, VP Global Sales, Identiv. “With Primis, access control is always ready, making security simple and easy to use.”
The Primis suite includes:
Primis: On-site access control hardware and software transforms security with robust, feature-rich technology. It integrates seamlessly with IT networks, eliminating complex configurations and potential vulnerabilities, resulting in enhanced, reliable access control at a lower cost.
Primis Cloud: This flexible, secure access control as a service (ACaaS) offering delivers a cloud-based, subscription service version of Primis that minimizes maintenance. Housed in Identiv’s secure AWS virtual environment, Primis Cloud provides 24/7, interruption-free access control.
Primis Mobile: The app leverages GPS technology to replace physical credentials with an innovative mobile solution, simplifying access control management through an easy mobile enrollment process.
EG-2: A robust mix of power, flexibility, and security, EG-2 is a smart controller that allows door access management from anywhere. It provides a resilient solution that adapts to business needs, even in the event of server disconnections.
“Today's launch underscores Identiv’s commitment to delivering top-tier service, security, and support to our partners,” Taylor added. “We invite potential partners to join our global network and benefit from our world-class program.”
The Primis suite is exclusively available worldwide through the Identiv Channel Alliance Network (ICAN) partner program. ICAN Partners enjoy numerous benefits, including product discounts, access to comprehensive technical support, sales leads, authorized dealer certificates, co-branded marketing materials, and instant 24/7 access to sales tools and technical resources.
About Identiv
Identiv, Inc. is a global leader in digitally securing the physical world. Identiv’s platform encompasses RFID and NFC, cybersecurity, and the full spectrum of physical access, video, and audio security. Identiv is a publicly traded company, and its common stock is listed on the NASDAQ Stock Market LLC in the U.S. under the symbol “INVE.” For more information, visit identiv.com.
Read More
Enterprise Security, Platform Security, Software Security
PR Newswire | August 18, 2023
Kivu Consulting, a premier global cybersecurity solutions provider, is proud to introduce two new managed security services: Cloud Detection and Response and Identity Threat Detection and Response.
Powered by CrowdStrike, as part of Kivu and CrowdStrike's elite MSSP partnership, these innovative services are designed to equip clients with new capabilities to address the expanding technology attack surface and continued targeting of digital identities by cyber threats.
Cloud Detection and Response:
Kivu's Cloud Detection and Response service is a fully managed solution engineered to support cloud and hybrid environments. Key features include:
Identification and alerts for cloud accounts, infrastructure misconfigurations, and compliance violations.
Detection and prevention of cloud account and control plane threats.
Resolution of vulnerabilities and misconfigurations in Cloud workload.
Runtime detection and response for container and function-based applications.
Identity Threat Detection and Response:
Kivu's Identity Threat Detection and Response service integrates seamlessly with Active Directory and cloud-based identity stores to provide:
Real-time threat detection using AI-based behavioral analytics for actionable insights.
Early identification of threats before systems and data are impacted.
Identity scoring and enforcement of robust authentication for risk-based remediation.
Implementation of Zero Trust Principles.
"As a leading incident response firm, we are observing daily how the threat landscape changes. Remote work has surged post-pandemic, the cloud has become a predominant IT delivery model, and zero trust is a priority," said Gary Alterson, Vice President of Kivu's Managed Security Services. "Our Cloud and identity managed services address modern threats and ensure we are providing the best possible security outcomes for our clients."
"The steady increase in compromised credentials magnifies the importance of identity threat protection, and Kivu is determined to address this critical client need," said Shane Sims, CEO of Kivu Consulting. "With the launch of our expanded managed security services, Kivu continues to lead in providing trusted solutions to our clients and cybersecurity ecosystem partners."
About Kivu Consulting
Kivu is a leading global cybersecurity firm that offers a full suite of pre- and post-incident services, specializing in the forensic response to cyberattacks and ransomware incidents. We deliver cutting-edge cybersecurity solutions to organizations in need and are a trusted cyber incident partner to insurance carriers and law firms worldwide. Visit KivuConsulting.com.
Read More