What the Heck is What the Hack?!
Hot off the virtual presses, I’m pleased to present you with the inaugural edition of What the Hack?! Each month we will examine the cybersecurity industry news that impacts your efforts to protect your endpoint devices and the invaluable information users create and store on them. We are committed to raising awareness throughout our industry around why the traditional “enumeration of badness” (aka blacklisting) approach is failing, and how to build a multi-layered defense to thwart new and little-known malicious threats. We developed PARANOID to serve as one of those layers, and I’m happy to report it recently aced a very difficult test.
ICSA Labs has just completed 33 days of testing the detection capabilities of PARANOID with a mix of over 1,150 test runs. The mix was composed of recently harvested and custom-created new and unknown threats not typically detected by security products that rely on past knowledge (whether through signatures, heuristics or machine learning). ICSA Labs delivered these threats via many of the top threat vectors that the latest Verizon Data Breach Investigations Report (DBIR) found have led to enterprise cybersecurity incidents and breaches.
ICSA Labs threw some curve balls by launching hundreds of innocuous applications and activities to test whether PARANOID can distinguish the bad from the good to avoid returning a high number of false positives.
The results? According to ICSA Labs’ report: “Nyotron’s solution did remarkably well during this test cycle — detecting 100.0% of previously unknown threats while having just one false positive.”
You’ll find a more detailed breakdown of the testing process and results, as well as a link to the full ICSA Labs report, on our blog.
PARANOID is so effective at blocking unknown threats because it takes the complete opposite approach to the one the industry has relied on for decades. Instead of trying to identify and block the practically infinite number of malware attacks, PARANOID focuses on the finite “good” in the form of legitimate operating system behavior (aka OS-Centric Positive Security). I recently led a live webinar to demonstrate how this approach works, and you can view the recording here.
The ICSA Labs tests provide the proof PARANOID works, and now thanks to our new strategic partnership with Ingram Micro, we can accelerate our effort to introduce PARANOID to information security professionals. The partnership includes a $10 million investment from Ingram Micro that will help us expand our global presence — particularly in the United States — and build our worldwide channel ecosystem.
Thank you for taking the time to read this overview of what has been a very busy and exciting time for myself and the Nyotron team. I think you’ll find the content in the other sections of this newsletter interesting and informative, and we want to hear from you on what issues and trends are most important to you. Please connect with us on our Twitter or LinkedIn pages and post any questions or content suggestions for future issues of What the Hack?!
- 2019 Endpoint Security Report: Risk and Worry Increases Among Infosec Pros
- AV Can’t Protect Your Endpoints Against All Threats… But Don’t Uninstall!
- PARANOID Blocks 100% of Unknown Threats During Rigorous ICSA Labs Testing
- Nyotron’s PARANOID Succeeds Where EDR Fails
- Security is Easy – How I’ve Mapped All Legitimate OS Behavior
Industry Spotlight: Education
Muli Tzafrir, Head of Computing & Information Systems Division at the University of Haifa, explains why you need to take a new approach to an old challenge: protecting against new and unknown attacks.
Nyotron in the News
- Nyotron’s PARANOID Receives Advanced Threat Defense Certification from ICSA Labs
- Nyotron Enters Into Strategic Partnership With Ingram Micro to Scale Business Operations Globally
- InfoSecurity Group: “Brush up on the supply chain attacks, file-less malware and ‘living off the land’ tools and techniques”
- CyberScoop: How to Combat the Long Lives of Zero-day Vulnerabilities
- Security Guy’s interview with Nyotron Founder & CTO Nir Gaist
We recently examined the issue of whether the U.S. government should stockpile or publicly disclose zero-day threats it discovers. Read our blog post, then let us know where you come down on this issue by completing the short poll below.
We’ll share the results in our next issue.