Sramana Mitra: Let me see if I got what you said. The real differentiator is, you focus on threats that are unknown to the enterprise and you’re saying that you’re the only or one of the few companies that are capable of unearthing threats that are not already known by the enterprise.
Manoj Leelanivas: Correct. If you look at the journey, the majority of the companies focus on threats you already know. There were a couple of companies over the last five years, most notably FireEye, that started looking at threats you don’t know, but their focus was on things coming from the perimeter. We changed the game completely by focusing on the enterprise as a whole and providing a complete picture on a single pane of glass. If you look at a large retailer which got breached, there’s nothing you could do at the perimeter. In web and email, there was nothing.
The breach happened because it was an unguarded system that was attacked. Then there is lateral communication. Without actually knowing how to look at the unguarded system and the lateral communication, you could have never found that breach. We can clearly tell you what the underlying incident is.
Sramana Mitra: Can you give us some examples of the kinds of threats that you have found over the course of your work with customers that the enterprise is not aware of, and what does that look like? What kind of sources are they coming from? What is the nature of that threat? What are we learning about the new and innovative ways in which threats are being crafted or designed?
Manoj Leelanivas: I cannot specifically go into a particular threat because that is customer-sensitive information. We have found a lot of zero-day attacks in our customers.
Sramana Mitra: You don’t have to name the customer, but I don’t think the nature of the threat is customer-sensitive information.
Manoj Leelanivas: One of the more interesting ones was a malware advertising attack. Within that website when you go multiple levels down, as part of the advertising section, there’s malware embedded in it. If you click on it, you accidentally download that to your machine. From your machine, it goes to other places. This is one of the things that we found out and publicly blogged about.
Sramana Mitra: Let me see if I understood that threat. What you’re saying is that some of these media properties are inadvertently serving threats to which enterprises are bringing in malware.
Manoj Leelanivas: Yes. Employees in enterprises, unknowingly, were accidentally downloading things. We found the manifestation of this particular attack in the enterprise and connected it to the original website.
Sramana Mitra: What do you do in scenarios like these? What is your policy when you encounter something like that? Do you then notify Huffington Post? Do you notify AOL?
Manoj Leelanivas: Absolutely. I believe that we need to do the right work for the community. We are in it for profit and at the same time, we need to do what’s right for the community so we can fight against the bad guys. The moment we know that this is served up in a particular place, we let them know what to do about that. At the same time, we are protecting some of the enterprises who had employees who accidentally got infected because of this. Our primary goal is to protect the enterprises who pay us for protecting them. At the same time, we also try to take it down as soon as possible so that other people don’t get infected.
This segment is part 2 in the series: Thought Leaders in Cyber Security: Manoj Leelanivas, CEO of Cyphort