Cybersecurity Roundup: Black Hat USA 2019 Edition
…passwords over many years and even a breach that’s five years old still gets you in trouble,” he said.
NormShield Building Partnerships
NormShield, which allows enterprises to assess, prioritize and address the third-party cyber risk of any company, anywhere within 60 seconds, is on the hunt for new partnerships with MSPs, VARs and OEMs, both in the United States and abroad.
At Black Hat, Candan Bolukbas, CTO and co-founder, gave a demonstration assessing the third-party risk of embattled Chinese telecom company Huawei, and the findings weren’t pretty. Needless to say, Huawei’s risk is off the charts.
“If you know where to look, you can find a lot about an organization, and this information is mostly coming from open source intelligence,” Bolukbas said. “We’re not asking anything but the name of the domain that you want us to assess. This capability is heavily used by lots of different entities. We have some very good, promising partnerships.”
NormShield is working with a Fortune 50 tech giant to expand their cybersecurity services, he said.
“Imagine you’re going to a customer and you’re saying you may have some problems, let us do an analysis and we’re going to fix those problems,” Bolukbas said. “In this case, it’s an eye opener because you’re specifically talking about the company itself and you are specifically talking about some problems that you’re going to address. It’s a very good conversation starter and we see that our partners are actually getting a lot of traction on that.”
Some of NormShield’s successful use cases involve MSSPs, he said. For example, a Minneapolis-based MSSP’s primary goal is accessing the customer with something in hand and gaining more business out of that conversation, he said.
“So they are generating the scorecard before the meeting, and of course talking to the customer about what they are going to do with this relationship, and after that work, they’re generating another scorecard and showing the difference, here you were in C-grade range and now you’re in B-grade, and the next phase we’re going to take you to A-grade range,” Bolukbas said. “That’s the strategy that they’re following and it’s working very good.”
And One Final Message from Splunk
Smaller security information and event management (SIEM) providers are aiming to steal market share from incumbents like Splunk and IBM. Exabeam in particular has said it wants to be the “Splunk killer.”
When asked about this at Black Hat, Monzy Merza, Splunk’s vice president and head of security research, said in some ways “it’s kind of a proud moment.”
“We are doing something that others are aspiring to overtake, and I take that in a very positive way,” he said. “Competition’s what competition is, but when it comes to serving our customers and thinking they can do a better job than we can do, then that’s awesome because there’s no shortage of problems that customers are faced with and the challenges they’re faced with.”
Some of Splunk’s competitors are part of its Adaptive Response Framework, which provides a mechanism for running preconfigured actions within the Splunk platform or by integrating with external applications, Merza said.
“The world needs help so we can be of service, and if people think they can do better, that’s great, let’s do better,” he said.