Data Security

Cybersecurity Startup BitTrap Develops Groundbreaking Detection Technology to Address Surge in Cyberattacks

Startup company BitTrap has announced a blockchain-based cybersecurity solution that leverages attackers' motivations to provide singular detection capabilities. This approach differs from cybersecurity paradigms that focus on trying to keep attackers from breaking in. Instead, it assumes some have already made their way inside a network, undetected, and is designed to identify them and reduce hacker dwell time in the compromised system.

The system works by deploying a vast network of wallets in every endpoint or cloud instance. Each wallet contains a risk-adjusted bounty of cryptocurrency assets calibrated, based on research from the BitTrap Attacker Behavioral Labs, to ensure it will capture an attacker's attention. Collecting the bounty triggers an incident-response operation that alerts the organization of the breach, effectively causing the hacker to reveal their presence. The vulnerability can be quickly assessed and patched while avoiding ransomware and data exfiltration altogether.

BitTrap began operations in 2020 after cyberattacks multiplied during the global pandemic. The company's founders, who combine decades of industry experience in cybersecurity and expertise in attacker behavior, developed the groundbreaking technology to help companies actually benefit from cyberattacks. "It is very important to capitalize on security incidents, using each opportunity to learn and prioritize efforts," said BitTrap CTO Ariel Futoransky. "We need to understand our adversaries' main motivation and use it to overcome our challenges and reduce the impact of attacks. With our unique approach, we can tackle both issues at the same time. We go a long way beyond intrusion detection or deception."

The company is particularly proud of the new solution. Through the company's Attacker Behavioral Labs, Altszul said, "We intend to keep investing and developing the most sophisticated capacity in the industry to understand attacker behavior. After our initial success, we are getting ready to raise a new round of financing to fuel our expansion in the market.

BitTrap CEO Jonatan Altszul

About BitTrap
BitTrap is a cybersecurity solution company with a groundbreaking crypto approach, changing how companies face and resolve attacks while saving money along the way. BitTrap triggers immediate alarms using risk-adjusted economic incentives to reveal vulnerabilities without compromising performance. We go far beyond deception technology.

Spotlight

Organizations are losing IT and security control Once upon a time, IT and security teams focused mostly on managing their organization’s on-prem environment. But as business requirements changed, customer bases became global, and remote work took root, these technology teams were handed responsibility across more domains: cloud


Other News
Software Security

Fortinet Advances the Industry’s Most Comprehensive Operational Technology Security Platform

Fortinet | December 19, 2023

Fortinet (NASDAQ: FTNT), the global cybersecurity leader driving the convergence of networking and security, today announced the latest release of new, integrated operational technology (OT) security solutions and services. These additions further distance Fortinet’s industry-leading OT Security Platform from the rest of the market. “We understand that OT differs significantly from traditional IT systems, and that’s why our OT Security Platform was purpose-built to provide integrated protection and risk management specific to industrial environments,” said John Maddison, Chief Marketing Officer and EVP, Product Strategy at Fortinet. “Rising attacks on critical infrastructure have made OT security more important than ever before. With today’s news, Fortinet continues to empower customers with the most sophisticated OT solutions and intelligence in the industry.” The Need for Integrated OT-Specific Security The number of industrial devices connected beyond their network boundaries is rapidly increasing, and CISOs now face skyrocketing risks across their OT environments. In fact, Fortinet found that three-fourths of OT organizations reported at least one intrusion in the last year, and nearly one-third reported being victims of a ransomware attack. To solve this challenge, organizations need an integrated security approach designed specifically for industrial solutions that enables policy enforcement across the entire attack surface, consolidates point products, and reduces operational overhead. Bolstering the Fortinet OT Security Platform with New and Enhanced Offerings The Fortinet OT Security Platform is an integrated portfolio of cybersecurity products, solutions, and security services designed specifically for industrial networks and powered by real-time OT threat intelligence. Because the OT Security Platform is a part of the Fortinet Security Fabric, it empowers customers with deep visibility across their entire environment and securely facilitates IT/OT convergence. The platform also gives organizations the ability to implement a zero-trust model within OT environments, including secure remote access to OT assets and systems for remote employees and contractors. OT Security Platform updates announced today, which build on improvements unveiled earlier this year, span two key pillars of the Security Fabric: Secure Networking for OT The new FortiSwitch Rugged 424F is an industrial-class ethernet switch (IES) designed to address the requirements of digital substations and the power utility industry. The switch supports real-time OT networking protocols and integrates with FortiGate Next-Generation Firewalls (NGFWs) for comprehensive security and access control. The new FortiAP 432F access point meets Class 1, Division 2 requirements for use in hazardous OT environments. It can segment industrial Wi-Fi networks to prevent attacks from spreading across unprotected devices and systems. This expansion of the IP67-rated access-point line now enables the deployment of additional OT applications in industries such as oil and gas. The new FortiExtender Vehicle 211F wireless gateway is a semi-ruggedized mobility solution for connected fleets, mobile systems, and OT deployments. It was also designed to meet the requirements of the AT&T FirstNet wireless communications network for first responders. FortiOS, Fortinet’s operating system, has been updated with the OT View dashboard, which correlates and displays important OT data. This dashboard makes it easy for organizations to understand their entire attack surface—both IT and OT—and take action from a single console. Security Operations and Services for OT FortiAnalyzer now includes OT-specific analytics, risk, and compliance reports, providing security operations teams with faster threat detection, asset and vulnerability correlation, and reporting. FortiNDR, which supports on-premises, cloud, and hybrid deployments, can now analyze more than 15 different OT-network protocols. It also includes AI-powered OT-network behavior analysis to identify malicious network activity and files. FortiDeceptor, Fortinet’s deception technology for early breach and attack isolation, now supports 30 OT protocols and additional OT decoys to protect diverse industrial environments. The FortiGuard OT Security Service boasts the industry’s deepest OT threat intelligence database and now covers more than 70 OT protocols and more than 4,000 OT application and device vulnerability signatures. These signatures enable strict access control policies on network traffic and provide virtual patching for vulnerable OT assets. FortiGuard Outbreak Alerts, an industry-leading cybersecurity resource, now includes critical information about OT-specific threats. This empowers customers with the information they need to harden their systems against new and emerging attacks following the NIST Cyber Security Framework. "IT and OT are converging and these colliding environments are increasing overall risk. Our clients require robust OT solutions and services without extensive deployments that complicate administration and place additional strain on IT and security teams. Through the Fortinet OT Security Platform, we can provide clients with a unified approach of safeguarding both the carpeted side of a business as well as the concrete side of the business. We eagerly anticipate introducing these updated and novel offerings to our customer community." – Dan Sanderson, VP of Strategy, Cyber Advisors About Fortinet Fortinet (NASDAQ: FTNT) is a driving force in the evolution of cybersecurity and the convergence of networking and security. Our mission is to secure people, devices, and data everywhere, and today we deliver cybersecurity everywhere you need it with the largest integrated portfolio of over 50 enterprise-grade products. Well over half a million customers trust Fortinet's solutions, which are among the most deployed, most patented, and most validated in the industry. The Fortinet Training Institute, one of the largest and broadest training programs in the industry, is dedicated to making cybersecurity training and new career opportunities available to everyone. FortiGuard Labs, Fortinet’s elite threat intelligence and research organization, develops and utilizes leading-edge machine learning and AI technologies to provide customers with timely and consistently top-rated protection and actionable threat intelligence. Learn more at https://www.fortinet.com, the Fortinet Blog, and FortiGuard Labs.

Read More

Software Security

GuidePoint Security Announces New Identity as a Service Offering

GuidePoint Security | December 14, 2023

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the launch of its Identity as a Service, which will help organizations address the complex challenges of identity management by optimizing resources, enhancing user experience, and ensuring security. GuidePoint’s Identity as a Service can cover part or all aspects of an organization’s identity program, including Access Management, Identity Governance & Administration, Privileged Access Management, and Customer Identity & Access Management. By prioritizing secure and efficient access management, this service supports staffing challenges, streamlines IAM processes, reduces help-desk workloads, and simplifies compliance and audit reporting. “IAM is a key business enabler and fundamental to our customers’ ability to adapt to new challenges with a security focus,” said Kevin Converse, VP of IAM, GuidePoint Security. “Our Identity as a Service offering is designed to align with an organization's unique IAM program needs—across any or all pillars of IAM—ensuring operational efficiency and support for program challenges and growth. With this service, customers can rest assured that our experts will manage the day-to-day operations of their IAM program, including ticket management, user access and privilege management, policy administration, vendor escalations, and root cause analysis.” Key Benefits of Identity as a Service: Access to industry-leading technical expertise and managed services Removes operational burden on hiring managers and improves user experience and productivity Reduces help desk costs and improves process efficiencies Lowers the risk of inappropriate access and simplifies reporting of access audit events At the beginning of an Identity as a Service engagement, GuidePoint Security’s IAM experts will meet with key stakeholders to establish program goals and fully understand the organization’s current operational processes. Additionally, a dedicated customer success manager will be assigned. Next, the team will conduct a comprehensive IAM health check and build a tailored roadmap of recommendations and a prioritized remediation process for any identified deficiencies. Upon reaching the operational stage of the engagement, the GuidePoint team will: Review in weekly status meetings any open and pending tickets and examine upcoming requests or changes Continually monitor critical services Conduct regular health checks to ensure all platforms stay up-to-date Maintain the integrity of the organization’s IAM environment About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Platform Security

D3 Security is a proud participant in the Microsoft Security Copilot Partner Private Preview

D3 Security | January 08, 2024

D3 Security today announced its participation in the Microsoft Security Copilot Partner Private Preview. D3 Security was selected based on their proven experience with Microsoft Security technologies, willingness to explore and provide feedback on cutting edge functionality, and close relationship with Microsoft. “In the context of security, AI’s impact is likely to be profound, tilting the scales in favor of defenders and empowering organizations to defend at machine speed. At Microsoft, we are privileged to have a leading role in advancing AI innovation, and we are so grateful to our incredible ecosystem of partners, whose mission-driven work is critical to helping customers secure their organizations and confidently bring the many benefits of AI into their environments,” said Vasu Jakkal, Corporate Vice President, Microsoft Security. D3 Security is working with Microsoft product teams to help shape Security Copilot product development in several ways, including validation and refinement of new and upcoming scenarios, providing feedback on product development and operations to be incorporated into future product releases, and validation and feedback of APIs to assist with Security Copilot extensibility. “D3 has always pushed SOAR technology forward, be it through our deep research into integration design; our Event Pipeline, which reduces alert-handling time by up to 99%; or our operationalizing of the MITRE ATT&CK and D3FEND frameworks,” said Gordon Benoit, President, D3 Security. “By teaming with Microsoft in the Security Copilot Partner Private Preview, we will be able to use AI to evolve SOAR in ways that would have sounded impossible just a year ago.” Security Copilot is the first AI-powered security product that enables security professionals to respond to threats quickly, process signals at machine speed, and assess risk exposure in minutes. It combines an advanced large language model (LLM) with a security-specific model that is informed by Microsoft's unique global threat intelligence and more than 65 trillion daily signals. About D3 Security D3 Security’s Smart SOAR™ (security orchestration, automation, and response) solves entrenched problems in cybersecurity by transforming separate tools into a unified ecosystem with multi-tier automation, codeless orchestration, and robust case management. Smart SOAR performs autonomous triage and reduces false positives so enterprise, MSSP, and public sector security teams can spend more time on real threats. Product or service names mentioned herein may be the trademarks of their respective owners.

Read More

Software Security

DNSFilter Enhances Protective DNS Solution to Thwart New Threats

DNSFilter | December 15, 2023

DNSFilter today announced the addition of a new Malicious Domain Protection feature to its protective DNS software, building on its machine learning capabilities. This feature bolsters DNSFilter's enterprise-grade defenses providing better visibility and protection against Domain Generation Algorithms used in malware, botnet and other malicious domains, in addition to other threat vectors. This expands the company's threat detection capabilities and its ability to block large lists of undesirable domains and the security threats they pose. Enterprise security teams that manage and secure both modern and legacy infrastructure struggle to protect end users from all categories of web-based threats. DNSFilter scans every domain its customers access to identify zero-day threats and prevent access before they infiltrate the network. Malicious Domain Protection leverages new ML capabilities to assist in the identification of risky domain strings, which includes domain generation algorithms (DGA) and other threat vectors. DGAs are used in malware to generate up to 250,000 domain names each day for use as rendezvous points with their C&C servers. Malicious Domain Protection can identify more threats, including phishing, cryptojacking, botnet, ransomware and other spam domains, and catch them sooner. In the testing phase, Malicious Domain Protection identified more than 7,000 risky domains not yet identified by any other feeds. Threats were identified up to 10 days ahead of other third-party feeds with one domain being caught 59 days ahead. David Elkind, chief data scientist, DNSFilter, said: "We are constantly working to offer better awareness and remediation of threat vectors. DNSFilter has a powerful data collection engine, supplemented by third-party feeds and we are always innovating new ways to use this data to protect our customers. We intend to take full advantage of all this data to protect our customers. With this new addition, our customers have even more safeguards." About DNSFilter DNSFilter is redefining how organizations secure their largest threat vector: the Internet itself. DNSFilter is making the internet safer and workplaces more productive. In 2022 the threat protection leader blocked 9.1 billion threats, more than any other threat detection software globally. With 70% of attacks involving the Domain Name System (DNS) layer, DNSFilter provides protective DNS powered by machine learning that uniquely identifies 61% more threats than competitors on an average of seven days earlier, including zero-day attacks. Over 26 million monthly users trust DNSFilter to protect them from phishing, malware, and advanced cyber threats. DNSFilter's brands include Webshrinker, its next generation web categorization software, and Guardian, a consumer app focused on privacy protection.

Read More

Spotlight

Organizations are losing IT and security control Once upon a time, IT and security teams focused mostly on managing their organization’s on-prem environment. But as business requirements changed, customer bases became global, and remote work took root, these technology teams were handed responsibility across more domains: cloud

Resources