Former FireEye/Mandiant SVP/CTO John Laliberte discusses innovative cybersecurity solutions from three companies: Kodex revolutionizes law enforcement data requests, ClearVector offers cloud security monitoring, and Censys scans the internet for attacker infrastructure. Topics include streamlining data requests, tracking developer activities in cloud environments, managing identities and detecting risks, diverse customer profiles, internet asset discovery, and risks of unpatched systems.
Codex prevents unauthorized data access by verifying law enforcement contacts and streamlining communication with dedicated portals.
ClearVector offers real-time monitoring of developer activities in cloud environments and enables users to stop suspicious activity with an 'isolate' button.
Deep dives
Codex: Efficient Solution for Law Enforcement Requests
Codex, a system founded by former FBI agent Matt Donahue, helps companies manage law enforcement data requests efficiently. By verifying law enforcement contacts and scrutinizing data requests, Codex prevents unauthorized data access. The system establishes dedicated law enforcement portals for customers, streamlining communication and ensuring data security.
Clear Vector: Cloud Environment Monitoring and Response Tool
Clear Vector offers a security tool for cloud environments that enables real-time monitoring of developer activities and blast radius analysis in case of a breach. The tool integrates with cloud environments and SAS applications, mapping user identities and risky activities. Users can receive notifications and use an 'isolate' button to stop suspicious activity.
Census: Internet Mapping for Threat Hunting and Asset Discovery
Census provides a platform to map out the entire internet, aiding threat hunters and CTI professionals in identifying attacker infrastructure, such as C2 servers and Cobalt Strike beacons. The tool also facilitates asset discovery for enterprises, especially in complex cloud environments, offering insights into unowned company assets and potential risks.
One of the major security concerns for enterprises is the exposure of back-office applications like payroll systems. These systems, often self-hosted in cloud environments, pose risks when left unpatched or unmonitored. Cloud deployment surprises enterprises with unpatched legitimate applications, highlighting the importance of thorough security monitoring and patch management.