“CONCEALing” Browser Context Through our Patented SDN

/in /by

Threat actors can’t attack you if they can’t find you. With an additional layer of protection, you can make it much more difficult for attackers to trace web activity back to your organization or to find cloud applications and infrastructure that are critical to your business.

Key Characteristics

Conceal’s patented SDN removes digital context and physical attributes from data flowing over the internet and internet-accessible infrastructure. The extra layer of protection minimizes the likelihood of risky traffic compromising your network. In Verizon’s 2022 Data Breach Investigations Report, web applications were the number one vector of entry for bad actors and are connected to the highest number of DoS attacks. The Verizon report found that Basic Web Application Attacks (BWAA) largely focus on attacks that directly target an organization’s most exposed infrastructure, such as Web servers. Conceal’s patented SDN helps to minimize the opportunity for attackers to find exposed infrastructure by increasing privacy using intermediaries to acquire the commercial infrastructure used to implement the network. The dynamic design of our patented SDN removes context and provides extra layers of privacy and security to users and enterprises.

Conceal’s patented SDN helps organizations identify and isolate risky web traffic before it compromises your network through the monitoring capability as part of the additional layer of protection. Additionally, Conceal is able to move identified risky web traffic without affecting a user’s current session. The fidelity of the protection’s ability to monitor and isolate without affecting a user’s ongoing communications helps provide security assurance for web activity. The extra layer of protection moves the web traffic into a remote browser in an isolated environment without a user having to decide if they believe the web traffic is risky.

Our patented SDN encompasses all of Conceal’s offerings; from ConcealBrowse and ConcealSearch to ConcealCloud, our patented SDN was deliberately and carefully intertwined throughout our product suite to bring an unparalleled solution to the market to address web security.

Use Case

Law Enforcement agencies are faced with the insecurities surrounding intelligence collection. Whether the intelligence collection surrounds dark web monitoring, open-source intelligence, social media research, financial crimes, or internet crimes against children, these investigations come with a level of risk while leveraging the internet. Conceal fully supports operational mission capabilities aligned to law enforcement. Currently, Conceal is deployed in state and local law enforcement agencies and other investigative organizations. To help combat risks associated with mission-critical investigations, the following is accomplished through our product suite:

  • Open-Source Intelligence – Through the investment of our zero-trust browser isolation, ConcealSearch, users can conduct non-attributable, protected open-source research.
  • Social Media Research – By removing attribution of users through our ConcealSearch product, investigators can anonymously monitor social media sites and updates in real-time.
  • Financial Crimes and Intelligence – By leveraging ConcealSearch, users can conduct “follow-the-money” operations and capture and archive financial information without worrying about malicious sites or internet activity entering the network.
  • Internet Crimes Against Children – With ConcealSearch, law enforcement agents can investigate, track and conduct operations to combat crimes against children without jeopardizing their network or identity.
  • Dark Web Monitoring – Engage in dark web monitoring and activities without exposing your network and identity by investing in ConcealSearch.

Conceal’s patented SDN role in cybersecurity will continue to expand as the value of hiding user identities and technical information while simultaneously searching the web grows in importance.

The Future of Cybersecurity is Prevention

/in /by
4 Key Threats

4 Key Information Security Threats of 2022

/in /by

Vulnerabilities are one of the four key paths to your crown jewels. Here’s what you need to know to avoid exploitation.

Let’s be real, vulnerabilities are a main reason we are all here, employed in the field of cybersecurity. Organizations invest in cybersecurity as threats and vulnerabilities continue to advance and become more sophisticated in an ever-changing threat landscape. In this blog, we will explore common characteristics of vulnerabilities to help aid your strategy against exploitation in the future.

Market Outlook

In the past year, vulnerability exploitation, as the entry point of threat actors, has doubled according to Verizon’s Data Breach Investigation Report. To find these vulnerabilities, threat actors are leveraging a wide variety of techniques, including scanning IPs and open ports, crawling for specific services, testing specific CVEs from the catalog discussed above, and running remote code execution.

With an ever changing threat landscape comes an ever evolving vulnerability market. As vulnerabilities are discovered and shared publicly, threat actors are forced to become more sophisticated in their approach to exploit weaknesses in a timely manner. Every year, the Top 25 Most Dangerous Software Weaknesses are analyzed by the CWE community. One trend seen in The 2022 Top 25 release surrounds out-of-bounds write and cross-site scripting (XSS), which continue to be two of the most dangerous weaknesses from year to year. The full list of the top 25 vulnerabilities can be found here.

So What?

As one of the four key information security threats of 2022, vulnerability exploitation must remain a priority in an organization’s security strategy. If a weakness is leveraged by a threat actor and they are able to gain unauthorized access to their network, an organization risks network compromise, data exfiltration, unplanned system downtime, ransomware, and more. Such cybersecurity risks can have debilitating effects across the organization, including financially, operationally, reputationally, and economically. As a result, it is crucial for organizations to do what they can to avoid vulnerability exploitation. By understanding how vulnerabilities are identified and categorized, as well as understanding standard conventions for information that can be used to measure and mitigate the risks to your organization, you can avoid exploitation all together.

Detect. Defend. Isolate.

Besides the efforts identified above to discover and disclose information security vulnerabilities, there are efforts to proactively protect against vulnerabilities on the market. Here at Conceal, we are doing our part to help you avoid vulnerability exploitation online. By pushing the boundaries and maximizing web-based security, web vulnerabilities become a non-issue.

By identifying risky web traffic before it compromises your network, Conceal minimizes the opportunity for a vulnerability to be exploited. Detecting vulnerabilities early in the kill chain allows remediation to be taken before any damage is done. Once detection of risky behavior is identified, Conceal allows the user to finish out the activity in an isolated environment unassociated with your network. This independent network will keep your organization’s data safe from threat actors who may be trying to use the web activity to exploit a vulnerability. Learn more about protection through isolation in one of our recent blog posts here.

Vulnerability exploitation will continue to be a key entry point into your organization’s network. As a result, security teams must explore proactive security measures and tools that can be leveraged to minimize threat actors’ ability to take advantage of a vulnerability. Conceal provides part of the necessary proactive security measures by stopping malware before it has a chance to exploit unpatched vulnerabilities. Request a demo today to learn how Conceal can be a part of your organization’s strategy to protect against vulnerabilities.

Vulnerabilities risk the confidentiality, integrity and/or availability of data within an organization. When coming up with a strategy to protect against vulnerabilities, it is imperative to understand the characteristics and values of common vulnerabilities.

Characteristics

Common values that are important to understand as it relates to a vulnerability include Common Vulnerability and Exposure (CVE) values, Common Weakness Enumeration (CWE) values, and Common Vulnerability Scoring System (CVSS) values. These characteristics provide organizations with a common set of nomenclature to leverage throughout the industry, providing ease when developing their strategy to protect against vulnerabilities.

CVE

CVEs refer to a database that catalogs publicly disclosed vulnerabilities specific to an explicit occurrence. Thousands of new CVE’s are published every year for the good of the security industry. The goal of CVE’s is to provide organizations with a repository of known vulnerabilities to ease information sharing. The database gives organizations a starting point when it comes to vulnerability management as well as creating and implementing a proactive security strategy. The catalog serves as a baseline to evaluate current coverage against the known vulnerabilities. Keeping up with the current vulnerability market is the first step towards proper cyber hygiene.

CWE

Beyond understanding the vulnerability, organizations can benefit from understanding the characteristics of the building blocks that lead to the vulnerability. While CVE refers to the instance of a vulnerability, CWE focuses on the cause of the vulnerability type. For the security community, CWE’s provide common nomenclature for discussing weaknesses and categorizing them by software, hardware or use case. The list of weakness types provide a baseline for identification, mitigation and prevention of a weakness.

CVSS

Once an organization understands relevant vulnerabilities and the underlying weaknesses, understanding the severity of the vulnerability is extremely valuable. CVSS provides a consistent score for vulnerabilities, regardless of the industry. By leveraging the CVSS, organizations can understand the severity of the vulnerability in their environment as well as let them prioritize the remediation of each vulnerability.

As vulnerabilities continue to grow in sophistication and rigor, these common attributes will allow organizations to openly talk about and understand the vulnerabilities relevant to their industry. These values will allow continued collaboration when developing an organization’s security strategy. Make sure to check out Conceal’s offerings that can be used to strengthen your organization’s strategy to protect against vulnerability exploitation by requesting a demo today.

Conceal’s CEO Doubles-Down On Zero Trust Security

/in /by

CEO Gordon Lawson talks about doubling down on the zero trust concept with a malware protection platform that works at the end of the network and how operating in environments against nation states and cybercriminals has given Conceal a tremendous amount of threat intel to be able to design and deploy that platform.

Read more

CISOs Learn How to Zero Trust

/in /by

Now All Together

/in /by

A 2020 research paper by cybersecurity think tank USENIX highlights a key problem with cyber intelligence data: Even though commercial threat data is expensive, it paints an incomplete picture of the risk to your company.

The research looked at two unnamed commercial cyber threat intelligence (CTI) providers and four unnamed free intelligence providers. The researchers discovered that, even in cases where CTI providers provided data on the same threat, there was very little overlap in that data. The study found the same gap between free and paid providers. The researchers concluded that, because even top-tier threat intelligence providers can’t provide the complete picture of risks to a business, there is limited value in purchasing the high-priced data.

Clearly, a single source of truth doesn’t exist for risks surrounding cyber threats. That’s why there are so many players in the marketplace. It’s also the reason that most organizations have to invest in multiple intelligence sources, and struggle to integrate those into various points within their security stacks. Still, the right investment in the security tools that can successfully leverage all available paid and free sources to eliminate or mitigate cyber risk can make an organization far safer.

I Want You, Correct Data

There is a multitude of data available to feed the security tools used by CISOs and other IT leaders. Free data provides basic information crowdsourced from attacks that happen globally every day. These can provide an invaluable baseline resource, and should be fully utilized in security tools and endpoint protection solutions that make decisions about blocking or allowing traffic.

Still, other data is only available via vast and expensive networks of sensors, through human sources, or through analysts and collectors with specialized and hard-to-find skills. This data can provide critical insights and predictive information that can help fill in some of the gaps in the free data, as well as provide predictive data that can enable a more proactive IT security stance. Unfortunately, these datasets are expensive to collect, and this fact is often reflected in the price to an organization.

It’s easy, especially for organizations with small cybersecurity budgets, to look at the facts and determine the free data is good enough. That the added value of a more thorough, though admittedly still incomplete, picture of the threat landscape is less than the cost. Still, it’s clear that specialized premium data sources can take a company’s ability to stop threats and strategically reduce risk to the next level.

Together We are Strong

One of the USENIX paper’s main arguments against the use of paid data feeds is the fact that, despite their cost, the data remains incomplete. This is true. However, with the right security tools in place, an organization can transparently benefit from a more complete picture provided by a combination of paid and free intelligence feeds to protect them from a host of known and unknown threats.

These tools can take several forms. Depending on how the data from multiple sources is combined and utilized, the result can either be a coherent risk assessment that allows a platform to make good security decisions transparently and with limited effort by your organization, or an IT nightmare trying to make tools and data sources from different vendors play nicely together.

In today’s post-COVID environment, workforces are dispersed and conducting work on a multitude of public and private networks, and on a number of devices. More and more of this work is being done on web applications inside the browser. Because the work environment is becoming heterogeneous and dispersed, the traditional security models are no longer effective. Keeping users safe in this environment requires a Zero-Trust security model at the browser level, and it requires being able to bring every possible outside source of intelligence and network data to bear on the risk mitigation process.

Conceal Can Do It!

Fortunately for your IT security team, ConcealBrowse provides a simple, cost-effective way to utilize all your existing security tools and data sources to make intelligent decisions about risk mitigation and safety in a Zero-Trust browser. While investments in user training around phishing and online safety can be beneficial, the reality is that no one is perfect and no one will make the right security decision 100% of the time. You want your people to be able to do their jobs and think as little as possible about security. That’s all possible with ConcealBrowse.

ConcealBrowse has plugins for a number of free and paid intelligence services and security tools that feed information to our “brain,” which determines the best risk mitigation methods for every clicked link or visited URL. ConcealBrowse lets you get the full benefit from combining all the free and paid data sources that, when combined, create a much fuller risk picture.

Learn more about how Conceal is influencing the future of cybersecurity.

Change Maker | Building a Culture and Protecting our Online Presence

/in /by

Today on The Change Maker: Gordon Lawson and Ivie Teston. Gordon is the CEO of Conceal, a company dedicated to protecting federal and private businesses online. Ivie is the Sales Manager and an Augusta native that has returned to work with Conceal at the international headquarters right here in Augusta. Both of them talk about establishing a welcoming work culture, what it takes to engage a young workforce, and how our online presence might not be as safe as you think.

To find more information on this show go to: https://www.augustapodcasts.com/thechangemaker

Conceal Partners with Carahsoft to Protect Government Agencies from Ransomware | Business Wire

/in /by