APAC CIO Outlook
  • Home
  • CXO Insights
  • CIO Views
  • Vendors
  • News
  • Conferences
  • Whitepapers
  • Newsletter
  • Awards
Apac
  • Agile

    Artificial Intelligence

    Aviation

    Bi and Analytics

    Big Data

    Blockchain

    Cloud

    Cyber Security

    Digital Infrastructure

    Digital Marketing

    Digital Transformation

    Digital Twin

    Drone

    Internet of Things

    Low Code No Code

    Networking

    Remote Work

    Singapore Startups

    Smart City

    Software Testing

    Startup

  • E-Commerce

    Education

    FinTech

    Healthcare

    Manufacturing

    Retail

    Travel and Hospitality

  • Dell

    Microsoft

    Salesforce

    SAP

  • Cognitive

    Compliance

    Contact Center

    Corporate Finance

    Data Center

    Data Integration

    Digital Asset Management

    Gamification

    HR Technology

    IT Service Management

    Managed Services

    Procurement

    RegTech

    Travel Retail

Menu
    • Cyber Security
    • Software Testing
    • Procurement
    • Managed Services
    • Gamification
    • Blockchain
    • CRM
    • E-Commerce
    • MORE
    #

    Apac CIO Outlook Weekly Brief

    ×

    Be first to read the latest tech news, Industry Leader's Insights, and CIO interviews of medium and large enterprises exclusively from Apac CIO Outlook

    Subscribe

    loading

    THANK YOU FOR SUBSCRIBING

    • Home
    • Cyber Security
    • Vendor Viewpoint

    CyberSecThreat - Holistic Cybersecurity Monitoring Solutions

    Kelvin Yip, Founder and Director, CyberSecThreat

    Tweet
    content-image

    Kelvin Yip, Founder and Director, CyberSecThreat

    Organizations are facing different cyber security risks, such as APT attack, zero-day attack, ransomware attack, account compromise, physical assets stolen and secret token abuse. Enterprises already invested a lot of different physical (e.g., lock, security guard, CCTV, door access control system and signal jammer) and logical security controls (e.g., firewall, IDS, EDR) to protect their assets. However, security incidents and data breaches still occurred. If we can extend our visibility into physical security and external attack surface, the overall security posture can be greatly improved.

    CyberSecThreat offers Extended visibility for cyber attack

    CyberSecThreat which provides wide-range of “Cyber Security” solutions is a startup founded in 2021, headquartered in Taiwan.

    The company develops an effective security monitoring solutions on top of Splunk software and Splunk Enterprise Security Add-on. It is a product combining Cyber Security Experts ‘s research results and deep tuning of Splunk software. Professional Service will be provided to assist customers onboarding successfully. The company’s first release captured both on-premises logs as well as cloud logs to provide visibility over MITRE ATT&CK Technique and GRC (Governance, risk management, and compliance). After radars were deployed in different viewpoints and Cyber-Kill Chain stages, the deployed monitoring solutions were able to detect both real attacks and over 95% of red team operations within 4 hours. The company’s latest solution also extends visibility and insight to physical security and external viewpoint.

    Transform Zero Trust from Virtual World back to Physical World

    Most SOC (Security Operation Center) do not have enough visibility over physical security. In addition, SOC and PSOC (Physical Security Operation Center) work independently. For instance, if SOC can correlate door access control system and login information, then abnormalities can be observed. CyberSecThreat brings the integration to the next level and applied it to OT (Operational Technology) environments.

    Critical infrastructure companies, manufacturing, healthcare and building management heavily use OT (Operational Technology) in their production environment. OT mainly comprised of Industrial Control Systems (ICS) such as Supervisory Control and Data Acquisition (SCADA) systems, Distributed Control Systems (DCS) and Programmable Logic Controllers (PLCs). SCADA and DCS are primarily responsible to control the PLC over network to perform the actual tasks. To protect OT environments from cyber-attack challenge, companies are adapting various new OT security controls such as OT firewall, OT IDS, OT PAM, OT network segmentation, OT Abnormal and change detection system.

    Imagine if an attacker gets physical access to OT environment using social engineering, and then directly connect the ethernet cable of PLC to a Raspberry PI equipped with 4G mobile connection, the attacker can get direct control to PLC, stop the production line, cause harm to human or inject malicious command back to SCADA system.

    With strategy planning & seamless integration between physical security controls and CyberSecThreat’s security monitoring solutions, SOC can effective spotted abnormalities and potential security incidents.

    CyberSecThreat offers hacker’s viewpoints for organization

    Many Organizations use “Internal Views” to manage their assets and attack surface. CyberSecThreat provided Cloud Inventory Integration in the first release of security monitoring solutions, which can significantly improve the effectiveness of incident investigation and response. However, this still only provides an “Internal Views” of assets and attack surface and cannot fully discover all unknown or shadow assets. It is not possible to manage security risks without complete visibility.

    The approach to conduct penetration testing or red team operation annually provides hacker’s viewpoints, but also create a gap that this viewpoint not updated constantly. CyberSecThreat take further steps to offer viewpoints of hackers by integrating different OSINT resources and external monitoring tools into continuous monitoring process. Therefore, organizations can take required actions before attacker exploit vulnerabilities.

    There are tons of interesting information available in OSINT resources, threat intelligence and external monitoring tools. This information includes email accounts available on public internet, SSH ports of testing machines exposed to internet, website defacement, account compromise, previous and current DNS lookups results, SSL/TLS certificate information, access key uploaded to public GitHub repository, leakage of software token, attacker discussing your organization in dark web.

    Zero trust, from virtual world back to physical world - through seamless integration of cyber security with modern operational technology

    By giving the name of your organization and domain name information as monitoring keywords, we can discover any shadow machines and related domain information. The resulting information can be further fed into our security monitoring solutions, and actionable alerts can be generated to 7x24 SOC. For instance, if SOC team receive an alert regarding AWS access key uploaded to public GitHub repository, SOC can remind developer team to exclude access key during commit process and reset the access key used in production.

    CyberSecThreat accelerates organization’s detection and incident response capabilities

    While blue team and security team research the behavior and technique used by attacker to improve protection and detection, adversaries also continue advance themselves and becoming stealthier to evade security controls, SOC detection, AI detection and machine learning. APT groups are willing to invest money and time on their targets. For example, attackers paid for cloud security appliance to test their zero-day, hide their C2 infrastructure behind CDN, study red team’s research how to bypass security controls, conduct external reconnaissance & google dorking and conduct research to simulate user’s behavior. Therefore, attackers trend not to trigger any noisy and radar due to aware of the existence of blue team and SOC.

    With deep understanding of attacker’s behavior, CyberSecThreat’s security monitoring solutions seamlessly integrate with your 7x24 SOC operation and offers a complete visibility over different viewpoints to prevent data breaches and speed-up incident response.

    tag

    Physical Security

    Splunk

    Firewall

    AWS

    Critical Infrastructure

    Machine Learning

    Ethernet

    cyber attack

    GRC

    inventory

    Weekly Brief

    loading
    CyberSecThreat: A Deep Dive into Everything Cybersecurity
    ON THE DECK

    Cyber Security 2022

    Top Vendors

    Cyber Security 2021

    Top Vendors

    Cyber Security 2020

    Top Vendors

    Cyber Security 2019

    Top Vendors

    Cyber Security 2018

    Top Vendors

    Cyber Security 2017

    Top Vendors

    Previous Next

    I agree We use cookies on this website to enhance your user experience. By clicking any link on this page you are giving your consent for us to set cookies. More info

    Copyright © 2023 APAC CIOoutlook. All rights reserved. Registration on or use of this site constitutes acceptance of our Terms of Use and Privacy and Anti Spam Policy 

    |  Sitemap |  Subscribe |   About us

    follow on linkedinfollow on twitter follow on rss
    This content is copyright protected

    However, if you would like to share the information in this article, you may use the link below:

    https://cyber-security.apacciooutlook.com/vp/CyberSecThreat/cybersecthreat_-_holistic_cybersecurity_monitoring_solutions/