Blackpoint Cyber is releasing an IoT module for SNAP-Defense; providing lateral spread protection for not only core enterprise networks but also IoT applications.
SNAP's IoT security software allows users to visualize and monitor every device that makes up a company's infrastructure. This includes, but is not limited to: building automation, alarm systems, security cameras, lighting controls, irrigation controls, access controls, and more.
SNAP already protects the core networks, using its patented Live Network Map to identify the threat behavior used in every recent major network breach and insider attack.
SNAP alerts on two types of behavior in real time: network enumeration (the process of discovering a network layout) and lateral movement across the network, particularly with the use of privileged credentials.
SNAP's new IoT software identifies new classes of devices and monitoring traffic into the core network; examples include RDP calls by HVAC and physical access vendors. In doing so, SNAP bridges the gap from the cyber world to the physical. For example, SNAP can identify when a field tech, in the daily course of business, routes a cable around a network firewall thereby exposing the network assets to serious harm.
"Companies are employing a growing number of unmanaged devices that are riddled with vulnerabilities from the start," said Jon Murchison, the CEO of Blackpoint. "Traditional endpoint agent threat detection does not apply to IoT style devices in most cases. Combine that with remote privileged access by product vendors who aren't necessarily focused on cyber security, and you have a recipe for a serious cyber event impacting IP, production, and building operations alike. This epitomizes the security challenge of the IoT - backward-looking log analysis will never catch threats in time."
SNAP's Live Network Map enables users to know, accurately, what is currently active in the network. SNAP then focuses on the behavior that matters from both external and insider threats: network enumeration, lateral movement, and system administration tradecraft. Finally, SNAP delivers the threats to your desktop with all relevant information on the suspected endpoint or credential. With full information, it's a one-minute decision process and if warranted, a one-click detainment of the threat.
SNAP also provides an advantage in speed-of-defense, deploying automatically in a few hours - making it relevant in incident response - making sure the "doors are shut" in that critical moment before forensic analysis has even started.
For more information about this news, visit www.blackpointcyber.com.