Cyber security is offered today not only as an addition to a system or to the firewall of a company's network and computer system. These cyber security systems are not only defense oriented but also detection oriented. The fight against advanced threats requires resistance, detection, investigation and intelligence.
An Israeli company, 'Seculert', is offering a unique solution for the detection of advanced cyber threats which could affect customers' networks, particularly Advanced Persistent Threats (APT). The patent-pending Seculert cyber detection solution does so without the need for network integration. Alex Milstein, COO and Co-founder of Seculert, appeared at the recent Cyber Nation event in Israel. He stated that his company offers cloud-based technology that provides early detection of a broad array of threats and strengthens an enterprise's existing security infrastructure, without the need for new hardware, software, or any changes to the corporate network.
Seculert detects malware on a company's devices that has bypassed all of the existing security solutions. It does so by detecting the malware on smartphones, laptops and home desktops from which employees log in to the organization, wherever they are located. The problem, according to Milstein, is that mobile and remote users are unprotected while threats are growing. Milstein explained that while in the past detection and prevention were both done on premises, today detection is shifting to the cloud. He believes that in the future we will see advanced detection in the cloud; however, the prevention aspect will remain on premises.
Unlike traditional malware detection tools, the Seculert solution collects threat intelligence external to the organization's network, from the cybercrime servers and botnets themselves. At its research lab, a team of security experts scours the Internet 24/7 in order to detect new and emerging threats. They use a combination of tools and techniques, including honeypots, botnet monitoring sensors, spam detection systems and crawlers, to ensure the most comprehensive coverage of malware. The research team then analyzes the data collected from the wild using 'big data' tools, such as Hadoop, and distributes this intelligence via a web-based dashboard to Seculert customers. The use of big data along with the knowledge acquired on the malware enables Seculert to know the attacker, explained Milstein.
According to Milstein, most security vendors are working to find the problem, but Seculert believes that prevention should be done through detection of the malware before it starts to attack. “Fighting the cyber war,” says Milstein, “should be done by sharing knowledge between the companies that are under attack. The sharing of this accumulated knowledge will assist us in fighting the cyber wars more efficiently.”