Fireeye Acquires Verodin For Identifying Gaps In Security – I’m always on the lookout for new, innovative tools, especially ones that break new ground in the cybersecurity fight. At a recent conference I ran across a tool that does just that – Verodin – but isn’t in your typical “detection” or “defense” roles that most security tools engage in. Instead, Verodin provides ongoing validation based on evidence that the controls you use for your business are present and working. It also allows the CISO to step back and assess their security posture for gaps and prioritize investments. I consider this type of capability to constitute a new and unique category of tools – one that the industry is beginning to call “security instrumentation platforms”. Learn more about this new type of tool from Verodin’s Chief Strategy Officer and evangelist – Major General Earl Matthews – a retired USAF general who started in security at a young age and spent the majority of his career in the Air Force. His excitement about this new capability is well evident in my discussion with him. You can also click on the ad to the right —>>> to learn more about Verodin solutions and check out the podcast where General Matthews and I go deeper into this technology and other cyber topics.
Chris Daly, Active Cyber™: Verodin is calling itself a “Security Instrumentation Platform” or SIP. What is a “security instrumentation platform” and how does it add value to an already crowded mix of security tools an enterprise operates?
Fireeye Acquires Verodin For Identifying Gaps In Security
Major General Earl Matthews (Ret.), Chief Strategy Officer, Verodin: First of all, we are not a defensive security tool. Until the advent of platforms like the Verodin Security Instrumentation Platform or SIP, even with the best tools and the best people, it was nearly impossible to validate security controls with any level of empirical evidence on an automated, continuous basis. CISOs had to rely on Audit or Pentest; but these only provided a snapshot of time. Therefore, security was, and still is in many cases, based on an assumption about how effective security tools are in producing across measures such as prevention, detection and correlation. Basing security on assumptions rather than evidence is one of the main causes of reduced value from security tools and overall reduced security effectiveness.
19 Top Breach And Attack Simulation (bas) Tools
Verodin SIP’s continuous approach specifically addresses this, as instrumentation isn’t about stressing that only 20 percent of your security is effective – it’s about getting the other 80 percent right and keeping it right there. The platform places instruments on customer IT environments to test the effectiveness of network, endpoint, email and cloud computing controls. Verodin SIP continuously performs tests and analyzes the results to proactively alert for drift from a well-known baseline and validate control configuration. The platform provides evidence that shows whether customer controls are actually delivering the desired business outcomes – or whether they are exposing them to risk.
1. Control effectiveness – It is vital that businesses have evidence that the controls protecting their critical assets are and remain effective. Do not assume that the controls are working properly.
2. Optimization & streamlining – It’s time to pause and replace them with evidence. Leverage instrumentation to optimize existing controls and streamline real gaps and overlaps before proceeding with the next product procurement or resource-intensive project.
3. Detect environmental flow – A fundamental challenge for cyber security is that it has the responsibility to protect the environment without the corresponding authority to control it. As new systems and applications come into play, the security stack can be disrupted. Environmental flow sensing ensures that controls are continuously measured and optimized.
Acquired Data Solutions Offers Help To Businesses To Meet New Federal And Dod Cyber Compliance Standards
4. Understanding risk – The disconnect between an organization’s cyber security assumptions and its actual posture is often such that any discussion of “cyber risk” is premature. Remove assumptions and validate effectiveness.
Active Cyber™: What is “environmental leakage”, why is it harmful to IT operations, and how does Verodin help enterprises heal this transition?
MG Matthews: The IT operating environment is dynamic. With changes in IT and networks, the environment will not be the same as the day before. Even in organizations with rigorous change management processes, all parties must fully understand the scope of the change, clearly communicate its impact and ultimately execute it with 100 percent perfection.
Verodin SIP allows users to constantly test their environment and know if an implemented security control is no longer working due to a change — whether known or unknown — using Verodin monitors. He is a true game hero.
The Top 10 Security M&a Deals Of 2019 (so Far)
Active Cyber™: From your perspective gained through your background and experience in the DoD cyber corps, what excites you most about the possibilities that the Verodin solution provides?
MG Matthews: I’ve seen us improve overall in our detection capabilities and stay rates when the adversary penetrates our networks. However, the same two problems exist – namely, cyber health issues and the email threat vector. Since 2004, I’ve been talking about the growing amount of money and the number of products an organization needs to combat the ever-growing threat. What excites me most about the Verodin platform is that, for the first time, CISOs can have quantifiable data on an ongoing basis knowing that their security controls are being validated and working as they should. Being able to actually measure how the security products in an environment are performing and determine if a company needs them all is critical to overall operations. Then, security professionals can actually begin to reduce security complexity and improve their overall defenses, process and people by increasing ROI through data.
Active Cyber™: What is the Threat Actor Assurance Program developed by Verodin and others, and how can it be used to validate the effectiveness of cyber security? How does it leverage the MITER ATT&CK model? Who are the other players in the program and how do they contribute?
MG Matthews: At RSA 2019 we introduced our Threat Actor Assurance Program (TAAP), which combines industry-leading threat intelligence from a number of industry partners with Verodin’s proven ability to validate cyber security effectiveness. This program provides actionable information on how an organization’s defenses will perform against the threat actors that will specifically target them.
Cybersecurity M&a Report, Vol. 3, No. 2: Cisco, Pan, Go Shopping Again
As part of the program, we plan to introduce our new Threat Actor Assertion Module (TAAM), which will give customers the ability to determine whether threat actors can reach their defenses before the actual attack by making threat intelligence actionable . TAAM will validate the capabilities of a customer’s defense stack to prevent, detect, and alert on indicators of compromise and tactics, techniques and procedures (TTPs) – including the MITER ATT&CK™ framework.
Organizations using Verodin TAAM will also be able to determine if there are gaps in control visibility or misconfigurations that could aid in the compromise of a threat actor. Once an organization has a baseline understanding of their coverage, they can adjust and optimize their security stack to achieve a higher level of assurance. This capability extends the functionality of the Verodin MITER ATT&CK module, launched in August 2018.
Active Cyber™: How does Verodin help collaborate across functional silos such as dev and co-ops or network operating centers while simultaneously managing the effectiveness of enterprise security controls and systems?
MG Matthews: This is all about RISK. In every other risk discipline (finance, human resources, operations, manufacturing) that an enterprise manages, there are hard, quantifiable pieces of information that you use to tell if you’re making progress. Security instrumentation gives us that quantifiable insight into where we need to invest our time, money and people.
Best Security Threat Intelligence Products And Services Reviews 2024
Many organizations purchase a security product based on a specific business goal without authenticating whether the control is achieving what it is intended for. They then use this list of controls to make broad statements about risk and don’t understand what each control is doing. For example, there is a call to “protect customer data,” so funds are approved for DCA, which is then implemented in the alert-only mode. The desire to stop malware and the “advancement of threat behaviors” generates funds to buy a Next Generation Firewall (NGFW), which blocks 25 percent of what is marketed to do outside the box.
Active Cyber™: Cyber resilience, which refers to the ability to operate safely and securely in a degraded mode, is the positive word, especially for IoT and Industrial control systems. How does Verodin account for resilience measures, including safety instrumented systems, as it looks to expand its capabilities into these emerging market segments?
MG Matthews: Verodin’s mission is to advance the concept and frameworks behind Cyber Resilience. The concept of Cyber Resilience is gaining traction because it brings together InfoSec and business continuity. Blending these concepts improves the organization’s ability to operate despite adverse cyber events. If properly implemented, Cyber Resilience frameworks enable organizations to manage information security more like traditional business units.
Active Cyber™: Congratulations on your recent acquisition of FireEye. What kind of synergy should customers expect because
Related Post "Fireeye Acquires Verodin For Identifying Gaps In Security"