Why are Companies increasing their investment in Application Security?
Here is an info-graphic from our partners Invicti:
Darktrace Acquires Cybersprint
DARKTRACE ACQUIRES ATTACK SURFACE MANAGEMENT COMPANY CYBERSPRINT
Full aquisition details from London Stock Exchange available here –
· Consideration of €47.5m to be paid in cash and equity
· Cybersprint’s technology and external data highly complementary to Darktrace product set
· Additive to Darktrace’s new ‘Prevent’ product suite underpinned by Attack Path Modeling
· Darktrace gains an additional European R&D Centre based in The Hague, Netherlands
· Target completion date on or around 1 March, 2022
Cybersprint’s attack surface management data can enrich existing Darktrace Detect and Respond products with external vulnerability data and accelerate the company’s market entry into new areas like proactive AI cyber security. For example, this capability will be introduced as a new module in the Prevent product family, feeding organisation-specific web data to Darktrace’s Attack Path Modeling technology. See additional information on Darktrace’s Prevent Product suite and Attack Path Modeling technology here.
Through this acquisition, Darktrace gains a second European R&D Centre in The Hague, Netherlands, joining forces with its world-class, Cambridge-based mathematicians and software engineers. Cybersprint’s employees bring a deep understanding of how to continuously model real-time internet data as well as ethical hacking expertise.
Are you in a similar Cyber Boat?
Similar Cyber Boat?
These phrases are coming up as Hybrid work continues into 2022:
-
We’re lean on resource; if anything gets through our stack 24/7 real-time detection and response isn’t possible.
-
Alerts are everywhere across Endpoint, Email and 0365/Cloud, we want one prioritized pane of glass
-
What if the next Log4j hits us? How do we mitigate impact?
-
End users remain our biggest risk
If any resonate, a conversation with our partner, Darktrace, could make sense.
They’re able to have 24/7 detection and response for their hybrid workforce by using self-learning AI that understands ‘on the job’ normal business activity. It means they stop sophisticated cyber threats (ransomware, zero-days, social engineering, account compromise) in real-time while preventing operational disruption.
Contact us on: solutions@newtech.mt or call on +35625523060
I Gaming Case Study - Darktrace
HBG Gaming
Business Background
HBG Gaming is a leading gaming company, providing a host of games to Italian consumers including traditional slot machines, video lotteries, bingo, betting and importantly online games – poker, casino and skill games. The company works closely with the Italian government to ensure the safe management of a large customer base with a combined 4,800 VLTs and 36,000 slot machines in 2015.
By leveraging innovative machine learning, Darktrace’s solution puts businesses like ours ahead in this new age of harmful threats.
Marcello David, Head of IT Security & Compliance
Challenge
As broadband services expand and Internet gaming diversifies across smartphones, tablets and other devices, the industry is increasingly exposed to sophisticated cyber attacks. Securing customers’ personal and financial details is vital for HBG Gaming to provide a reliable gaming service and maintain it’s position as a trusted brand.
Criminals are continually innovating new ways to execute internal and external attacks, adopting increasingly intelligent technologies to breach networks. To better defend against this next-generation risk and identify emerging threats early, HBG Gaming requires in-depth visibility of its digital infrastructure. The company possesses a number of standard border securities including anti-virus software, web gateways and event management tools, but has found none of them provide adequate analytics and are often complex and time-consuming to install.
Solution
HBG Gaming chose Darktrace’s Enterprise Immune System in order to understand its network’s ‘pattern of life’ and identify abnormal behaviors, before they cause business damage. The company decided to deploy a ‘Proof of Value’ over a four-week period to test how Darktrace’s unique self-learning technology could alert its security team to real, emerging threats already in its network. Powered by machine learning and mathematics, Darktrace has the capability to monitor the behaviours of every network, device, and user to detect even the subtlest anomaly. Unlike traditional defenses that rely on rules and signatures to recognise attacks, Darktrace models a network’s ‘pattern of life’ and is able to distinguish suspicious behaviors that deviate from the norm. Thus, in this new era of pernicious attacks, Darktrace equips HBG Gaming with an advanced solution able to detect unfamiliar threats that would otherwise go unnoticed by legacy systems.
Benefits
Within weeks Darktrace could identify suspicious behavior in HBG Gaming’s network, like ransomware, with potentially serious implications. The Enterprise Immune System alerts the business’ security team early, allowing them to take
action and mitigate risk before it becomes a serious issue. The immune system approach is now fundamental to HBG Gaming’s cyber security strategy. Darktrace only flags the genuinely suspicious events rather than bombarding security personnel with false positives, allowing HBG Gaming’s teams to prioritize and optimize its resources more effectively. Darktrace’s Threat Visualizer provides a 3D display of all network activity in real time. This intuitive interface enables nontechnical senior executives – the most vulnerable to attacks –
to gain meaningful insight into their network behaviours and implement stronger defenses across the company. “By leveraging innovative machine learning, Darktrace’s solution puts businesses like ours ahead in this new age of harmful threats.”
“Darktrace enhances our cyber security strategy beyond protecting our company borders, and has already detected potentially damaging threats inside our networks,” said
Marcello David, Head of IT Security & Compliance, HBG Gaming.
Changing Cyber Landscapes - The Battle of Algorithms
Among rapidly evolving technological advancements, the emergence of AI-enhanced malware is making cyber-attacks exponentially more perilous.
In this session, learn about:
- Paradigm shifts in the cyber landscape.
- Advancements in offensive AI attack techniques.
- The Immune System Approach to cyber security and defensive, Autonomous Response capabilities .
- Real-world examples of emerging threats that were stopped with Cyber AI.
- Demos of Darktrace Enterprise Immune system & Antigena Email in action.
Contact us directly for more information.
NATO to Pass a Policy In order to Protect and Counter against Cyber Attacks
Recent Political Events & Darktrace Governmental Cyber AI Programme
One of the main points of discussion in the recent meeting between Russian president Vladimir Putin and U.S president Joe Biden was the Cybersecurity space. The leaders seemed to agree on an alliance in order to combat ransomware attacks targeting critical infrastructure. In response, NATO has drawn up a new Cyber Defence Policy which has been backed after a summit in Brussels.
This policy has brought to light the importance of cybersecurity and the advancements that hacking organisations have made being able to target the most powerful Governments and entities in the world.
Our partners Darktrace have been at the forefront of this problem with government organisations all over the world, including here in Malta. Having deployed the technology to safeguard their environment. Darktrace uses AI to detect and respond to novel and sophisticated threats – from fast-moving ransomware to low-and-slow data ex-filtration.
Darktrace protects more than 270 government and defence organizations globally:
✔ Detects in-progress attacks with
self-learning AI technology.
✔ Stops emerging cyber-threats in
an average of 2 seconds.
✔ Reduces time to meaning by up
to 92%.
Primary Security Challenges
The task of sustaining normal functionality amid a global pandemic has considerably strained governments on a local, state, and national level. Alongside ensuring that public services and infrastructure – such as utilities, healthcare, and transportation – remain operational, governmental bodies have had to contend with additional challenges: implementing national contact tracing programs, enabling research into vaccines and treatments, as well as providing financial assistance to citizens. Securing the systems that facilitate these services is of vital importance. Additionally, like many organizations over the past year, government offices have had to transition to remote working. The usual cyber risks associated with working from home environments – such as rapid shifts in digital infrastructure and workforce behavior, as well as cyber espionage over video conference and hacked smart home devices – are particularly concerning in the government and defence sector due to the sensitive nature of the data and information that it controls.
How Cyber AI Safeguards Government and Defence Organizations
Proven to protect hundreds of government and defence organizations, Darktrace Cyber AI defends digital data and vital systems from threat – no matter how novel or sophisticated. As a self-learning technology, the AI is able to identify and respond to fast-moving ransomware at an early stage without relying on prior attack data, and operates across SaaS, cloud, IoT, email, endpoints, OT technology, and the traditional network. Inspired by the principles of the human immune system, Darktrace works by learning what ‘normal’ looks like for every user, device, and virtual machine in an organization’s dynamic workforce.
This understanding of ‘self’ allows the AI to spot the subtlest indicators of malicious activity as they emerge, instantly flagging them to security teams, and autonomously responding to neutralize the threat at machine speed. Darktrace Cyber AI Analyst augments teams during fast-moving attacks by autonomously investigating, triaging, and reporting on each security incident. This technology provides actionable intelligence via natural language reports that can be translated to various levels of technical detail – ultimately reducing time to meaning by up to 92%.
Autonomously Defending Against Eking Ransomware At a governmental organization in APAC, Darktrace detected an example of Ransomware-as-a-Service (RaaS). With Darktrace, the defenders were able to recognize the anomalous behavior as soon as it occurred and stop the threat from advancing, while Cyber AI Analyst autonomously investigated and reported on every stage of the incident.
The attack started when a corporate device was infected with Eking. Darktrace’s self-learning AI detected and alerted on this threat immediately, picking up on internal reconnaissance activity, SMB enumeration, and extensive scanning. Once the scanning was complete, files were encrypted on a second server, with the infected device transitioning from making just a few internal connections per day to making thousands in less than an hour.
While Darktrace’s alerts and investigations empowered the team to take action straight away, this all this occurred late at night local time – when the security team were out of office. As it was, they were still able to act faster than they otherwise would have and limit the damage when they arrived in the morning. Had Darktrace Antigena been deployed, the AI would have autonomously taken action at the first stage of the attack and prevented encryption occurring.
To discover Darktrace and for a free consultation, contact us on solutions@newtech.mt
Learn more about Darktrace here – https://newtech.mt/darktrace/
Microsoft partners with Darktrace
Microsoft & Darktrace will use AI to keep organisations safe from Hacking threats worldwide (Featured Video below).
This week two of our partners Darktrace and Microsoft announced a partnership to combat an increase in cyber threats with cutting edge artificial intelligence technology being deployed in order to improve cyber security for organisations worldwide. We couldn’t be more delighted here at Newtech having been partnered with both brands for a number of years. For us, this provides a seamless integration for both products and we would like to offer our services for business’ locally as we are offering discounts till the end of June.
Microsoft continues to lead the way through their hugely successful environments including Microsoft 365 and cloud applications like Azure Sentinel. As organisations worldwide continue to utilize remote tools and cloud applications there are increased hacking attempts and this partnership will look to secure business’ data.
Microsoft and Darktrace are collaborating to help organisations address new security challenges in a number of critical areas:
- Email Security – Antigena Email, which uses Darktrace’s artificial intelligence to stop the most advanced email threats, will be hosted on Microsoft Azure and listed on Microsoft Azure Marketplace
- Simplified and Streamlined Security Workflows– Darktrace now integrates seamlessly with Azure Sentinel, with a bespoke Workbook allowing users to send and visualize Darktrace alerts and Cyber AI Analyst incidents inside Sentinel
- Seamless Data Integration – Darktrace one-click integrations allow users to connect Darktrace’s AI detection capabilities to Microsoft Defender for Endpoint
“I am proud to be partnering with Microsoft, bringing Darktrace’s Cyber AI and autonomous response into joint customer environments,” commented Poppy Gustafsson, CEO, Darktrace.
Clare Barclay, CEO, Microsoft UK, said: “As cyber-attacks become increasingly sophisticated, AI is adding a deeper level of protection in detecting these threats. The partnership between Microsoft and Darktrace will help keep organisations secure, enabling them to focus on their core business and customers.”
Please get in touch with us on solutions@newtech.mt or call 25523060 to inquire about Microsoft and Darktrace for your business.
Deep Learning & AI: Darktrace.
Transformative Approach of Darktrace: A technical overview.
Darktrace’s transformative approach to cyber defence relies on probabilistic methods developed by Cambridge mathematicians. Employing multiple unsupervised, supervised and deep learning techniques in a Bayesian framework, the enterprise immune system can integrate a vast number of weak indicators of anomalous behaviour to produce a single clear measure of threat probabilities.
For each unique environment, Darktrace generates millions of interrelated mathematical models which are correlated to ensure that only truly anomalous behaviour is detected without a profusion of false positives. Unlike rules-based computation, the results that probabilistic mathematics generate cannot simply be categorized as ‘yes’ or ‘no’ but instead indicate degrees of certainty, reflecting the ambiguities that inevitably exist in dynamic data environments.
Darktrace & Deep Learning
Darktrace also uses deep learning to enhance modelling processes. Deep learning is a subset of machine learning that uses the cascading interactions of layered mathematical processes known as neural nets – to give intelligent systems a higher degree of insight. Multi-layered neural nets can improve the detection and remediation of certain threats, for example, in the identification of DNS anomalies, which are less effectively tracked by other machine learning methods. Darktrace’s deep learning system assigns a score to all DNS data from a device, with the purpose of identifying suspicious activity even faster.
Darktrace also clusters devices into peer groups, based on its own understanding of how those devices behave and uses supervised learning to uncover sequences of breaches, unusual patterns, or to detect aberrant activity at a higher more holistic level. For example, the WannaCry ransomware was easily detected by Darktrace as it breaches a number of different ‘pattern of life’ models. Using supervised learning Darktrace can replicate the process of a human interpreting various sets of breaches for a device or network over time and so present correlated alerts instead of a multitude.
Supervised learning is also used by Darktrace to understand more about the environment, without a human having to label it. For example by observing millions of different smartphones Darktrace gets faster and faster at identifying a new device as a ‘smartphone’ and even what type of smartphone it is.
Using deep and supervised techniques to complement its core unsupervised machine learning algorithms, Darktrace builds up unique, contextual knowledge about network activity and integrates the insights of our global deployments to improve threat detection.
Finally, Darktrace also uses deep learning techniques to automate repetitive and time-consuming tasks carried out during investigation workflows. By analyzing how seasoned cyber analysts interact with the threath visualizer, triage alerts, and leverage third-party sources, Darktrace is able to replicate those expert behaviours and automate certain analyst functions. This allows for increasingly efficient and simplified investigations for analysts of all maturity levels. It also gives security teams the crucial time they need to focus on higher-value strategic work, such as managing risk and focusing on broader improvements to the business.
DT Virtual Seminar
Re – Thinking Email Security with Cyber AI Virtual Seminar
Join this Virtual Seminar Registration – https://lnkd.in/eTNrYbC
With Darktrace’s Director of Email Security, Mariana Pereira, and Newtech’s Information Security Analyst Expert, Max Demajo on Friday, February 12th from 11:30 – 12:30 CET, to discuss the next generation of email threats, and how to protect against them.
This session will include a Q&A with our experts, and explore:
• How AI works for email security
• The unique challenge of defending workers in today’s dynamic environment
• How do you catch attackers that are using stolen credentials, and seem legitimate?
• Real world examples of Microsoft 365 attacks
Complementary lunch & wine vouchers will be included from a choice of restaurants in Malta once the webinar is finished to attendees that choose to fill out a form.