Technology Reseller - v10

CYBER SECURITY

Risk, not list

James Goulding catches up with Trevor Crompton, VP EMEA for Kenna Security, to find out more about the company’s approach to cyber risk and how it differs from others operating in this area

At the end of March, predictive cyber risk specialist Kenna Security secured $25 million in Series C funding, led by Bessemer Venture Partners. The new investment, which brings the company’s total funding to $50 million, will finance its continued growth and expansion overseas.

In 2017, Kenna’s sales more than doubled, for the third year in a row; the number of organisations using the Kenna Security Platform grew by more than 60% to 300 worldwide; and in October it increased its presence outside the US, with the opening of an EMEA sales office in the UK. It has already signed one UK partner, Securelink, and hopes to recruit another 11. James Goulding finds out more about Kenna and its UK plans from Kenna Security’s VP EMEA, Trevor Crompton.

Technology Reseller (TR): What exactly does Kenna Security do?

Trevor Crompton (TC): We use a data science approach to drag together all of the vulnerability data residing in infrastructure wherever it is. So that’s all the network scanner stuff, all of the application scanner stuff, all of the pen test information, any information held in Bug Bounty programmes. We draw that all together and normalise it in a single repository. The reason we normalise it is because if you look at network scanners alone, some prioritise 0-3, some prioritise 0-5, some prioritise 0-10. When you are dealing with the millions, sometimes tens of millions, of vulnerabilities in a normal-sized infrastructure, it’s virtually impossible to figure out if one person’s 2 is the same as another person’s 6. It’s very hard to figure out the prioritisation. So, we bring all that together; we normalise it; and then we correlate it with 15 completely unique exploit feeds, from the likes of SecureWorks, ReversingLabs and a whole bunch of others. We are firm believers that what’s really important is the volume and velocity of attack – who is exploiting these vulnerabilities; the volume of those attacks; and whether they are increasing or decreasing. It matters whether the attack is a 14-year-old in his bedroom six weeks ago or a nation state – it increases the risks associated with that particular vulnerability. We correlate that at a terrific rate of knots, billions of vulnerabilities every 30 minutes in order to understand the risks. We then present that back to an organisation in the form of risk.

TR: How does your approach differ to that of other people operating in this area?

TC: Most organisations are list-based; we try to move them to being risk-based. Instead of trying to work down an endless list of vulnerabilities when they are coming in faster than you can deal with them, take a risk-based approach. Look at where the risks are in various parts of your business; understand where you can accept it and where you need to take action to remediate it. We help customers measure risk; we help customers prioritise remediation; and, given our wealth of vulnerability expertise, we give customers the ability to predict which vulnerabilities will be weaponised on the day of their release. We have built an algorithm that mathematically looks at a huge wealth of characteristics within vulnerabilities to understand which of those are going to be weaponised, and we can do that with about 94% accuracy.

TR: Is the market you operate in very crowded?

TC: It’s like buses. People have waited 20 years for a fix to this problem and now a few of them have come along at the same time. So, yes, we do have other people moving into this space and it is heating up quickly. The network scanners all try to do some sort of prioritisation and the prioritisation they do is quite blocky, in as much as it’s 1-10 or 1-5 or sometimes 1-3. And they only have exploit intelligence from their own systems, which is generally ‘Has it been exploited? Yes or no’. That doesn’t really tell you what is going on. It might have been exploited once by our 14-year-old in his bedroom or it might have been exploited 1,000 times an hour by a nation state. What we think is most important is really solid exploit intelligence and correlating that at scale and at speed with the vulnerabilities that are in your infrastructure.

TR: What differentiates your offering from others in the market?

TC: It’s a few things. Firstly, our ability to do millions of vulnerabilities – our ability to scale. Our largest customer has 10 million vulnerabilities going into the platform, so we have the ability to cope with the largest and most complex infrastructures. Secondly, we have 16 different exploit feeds. The questions we ask our exploit intel suppliers are entirely unique – they are not asked these questions by anybody else. So the feeds they supply us are entirely unique. You can’t buy them and they are not supplied by anyone else. And thirdly, we have an ability to connect into multiple different sources of vulnerability data in your infrastructure. A lot of organisations maybe run with a Qualys scanner in their most critical part of
