Long story short, we help you build robust protections to prevent an intruder to reach your most critical assets, what matters most to operation your business. We do so by avoiding you numerous costs (consulting projects, staff allocation, spend optimisation) and providing you levers for effective implementation of key regulations.
For the long version, this critical question needs a threefold answer …
1/ The security value. First and foremost, the platform empower you to continuously and autonomously cut the pre-requisite to any in-depth attack with a business centric approach ! Making attackers' life much, much harder if they still want to hit you, particularly your most valuable assets.
It also comes with side benefits ! As you fully grasp the map of the 'physical' routes to attack your crown jewels, you also benefit from : - Higher focus for penetration tests and vulnerability management on most sensitive areas - Higher SOC performance with interactive attack plan, probes focus & refined detection rules - Faster investigation with our algorithms and Digital Network Twin already in place
2/ The economical value. If you were to do what our platform does with human resources … you would need an infinit number of man days just for one analysis !! So we could say that for the opportunity cost is infinit…
That being said, our main objective is to empower your teams, make them autonomous and delivering major impact - acting where it matters - while reducing the required workload !! In other words, we help architecture and security teams do more with less (cf operational use cases description), hence reducing significantly the need for consulting and external services on network security.
Moreover, thanks to our side benefits on security, we also help you optimize your spend on operational security budget.
3/ The compliance value. Looking at DORA or NIS 2.0, we provide you answers - at any time - to critical questions required for an efficient implementation of these regulations, that would otherwise require specific studies (a.k.a. time and money). For instance: - What is the level of risk per business process ? - What is the potential business impact if a given asset is compromised ? - How vulnerable are our current policies ? Are they effectively implemented ?
Why do you insist so much on the protection of strategic business assets ?
Securing everything it securing nothing.
At the end of the day, what matters is to make sure that the most strategic business processes keep running in case of cyber attack and that the most valuable data remains untouched. That's why our whole design is thought for making everything we can, easily, to prevent malicious access to these assets.
Now, our specificity, versus most (if not all) cyber solutions, is the detailed knowledge of all the 'physical' routes that go to your crown jewels and the understanding of all the security rules in place. With this, we assess precisely and factually, for each of you key business asset, the level of exposure understanding how an intruder could outsmart your controls in place... and so what to do to protect them.
Hence, if we insist so much on this topic, is because we firmly believe that we can help you make a difference in hardening even further your IT network with efforts aligned on the strategic priorities of your company.
Can you detect an attack ?
No. Our main goal is to prevent Lateral Movement within hybrid networks before an attack happens. In other words, cut the ability of an intruder to navigate in your network.
Doing so, we help your IT architects build a network natively secured, so attackers hit a wall - and hit it hard :-) - when they try to strike you.
What are the analyses you perform ?
The most advanced analysis consists in finding all potential malicious lateral movements in the network
It also finds out all your critical assets that can be accessed directly from the surface …
... and reveals those with direct access to internet, easing significantly data theft
Furthermore, it identifies the most contagious nodes … that are endpoints - not particularly critical - but if corrupted, would provide wide access in the network
Last but not least, it checks all you network policies and make sure they are properly implemented
How do you make sure that you find ALL the malicious routes ?
Always be humble in cybersecurity… By no means, we'll never say we can predict ALL malicious routes.
However, with all our analyses, the platform look at your hybrid networks through different lens, different angles to get the most complete, the most detailed view on what is at stake.
By comparing all identified routes at risk, including the most hidden ones, we find patterns and reveal the most pressing vulnerabilities (contagious nodes) that will most likely be leveraged for some routes not yet found.
Hence, our approach embraces this uncertainty, learning from what we know, to act globally and, nevertheless, succeed in cutting malicious routes that remains hidden.
A Digital Network Twin for hybrid Clouds ? Kezako ?
To analyze thoroughly your network, we need to have a perfect understanding of how it works.
That's why, we integrate our platform with your network equipment to retrieve automatically their configuration and digest them. During this process, we create a virtual copy of your infrastructure that mimic perfectly its behavior : inc. all your routing schemes and apply all your security rules in place.
Having this virtual copy of your infrastructure is the cornerstone to the value we deliver as it enables high performance computing for our analyses and enables the sandbox for the "Photoshop" environment to design the perfect target configuration.
As for the hybrid side of the question, we digest configurations from both on-premise technologies and Cloud providers (a.ka. hyperscalers). And in the event we meet with you a technology not yet managed on our side, we'll fix that in no time so it works for you seamlessly !
How can you be agent-less yet highly granular ?
As the Digital Network Twin of your network has a perfect and continuous representation of your IT, it brings an abstraction layer to build segmentation rules at multiple levels: - It can be at endpoint level, (a.k.a micro-segmentation) - It can be at application level (abstracting all associated end-points) - It can be at subnet level (traditional segmentation) - It can be based on labels / attributes tagged on endpoints (transversal segmentation) - Etc ...
The digital network twin then convert these abstract rules in traditional ACL tailored for your context and to be deployed on the infrastructure in place (Cloud or on-prem).
Our main goal: leverage what you already have and remove the pain of managing agents for the same level of abstraction and flexibility… while increasing your level of security as it comes with continuous security assessment with our advanced algorithms !!
What is this "Photoshop" like to design bulletproof targets ?
Thanks to the Digital Twin of your infrastructure in production, you can easily make a copy of it so you can edit it in a sandbox, test it with our analysis, iterate and when you are satisfied, you can deploy it !
For the edition, you have access to tools and insights to help you design the most secured target… considering legitimate business flows to make sure you don't jeopardize business operations !
Help you on this critical task is for us a never ending story and new tools / automation features are continuously being shipped in production.
How do we integrate the platform ?
There are two approaches for integrating our platform.
SaaS When subscribing with us, a dedicated environment is generated (dedicated Resource Group in Azure and workloads). During the integration project we - together - setup a tunnel enabling the access to your network appliance / equipment and configure our synchronization tool for enabling configuration fetch. Appliance In that case, we deploy a Docker instance of our Backend in your IT (can be on premise or in your Cloud). The only flows that will access to internet will be for login and licence management.
Whatever the integration approach, we leverage what you already ! If you have an NSPM, we can connect to it directly, no need to access individually to each of the equipment already managed by it. When scoping the integration projects, let us know all the accelerators you already have so we can use them.
How does your pricing work ?
We propose a 3-step approach, each having its own, simple pricing:
1/ Discovery demo: we are convinced you shouldn't pay to check whether the solution is great for you or not. So we offer for free a demo on live data.
2/ Integration project: as usual, the integration pricing is based on the resources allocated on the project. That being said, if you have technologies that we don't yet manage, we'll take the time to add them and offer you a discount to thank you for your patience.
3/ Early bird licence : for time being, one simple annual licence giving you access to all the features, even the future ones that will be shipped to production later on. The licence fee is based on (i) a small fixed fee, (ii) a variable fee based on the number of endpoints hosting critical application and sensitive data and (iii) a premium in case of integration with in Appliance mode. Naturally, the longer you commit, the bigger the discount...
In a nutshell, easy !
I'm interested, how do we move forward ?
Glad to hear it !
Just send us a message through the contact form. We'll get back to you in no time !
(The +1) Almost forgot, why is your design so ... "Not Cyber" ?