We’re trying to solve the problem of the prevention of cyber-attacks. The cyber industry is divided into three. Pre-attack, during attack and post-attack. Most companies, during an attack i.e. Check Point will try to stop an attacker while they’re attempting a breach. Were in the preventative area which is a little old fashioned!
We’re in the preventative area. We have built a Cyber bot called CyBot that automatically and continuously does automated penetration testing in place of human penetration testing, using ethical hackers who’ll be engaged to do it once a year which has proven to be ineffective. We show you what’s called “attack path scenarios” – these are routes that attackers can take to reach your critical assets (e.g domain controller or critical server) and your business processes. So, if there’s a potential attack path that can threaten your ability to do billing or customer onboarding, you will know about it immediately and know which specific vulnerabilities and which devices are exposed so that this potential attack path won’t occur. So you can respond far quicker.
Other vulnerability scanners like Nessus by Tenable, Qualys, Rapid 7
They use a tool that is not regularly used with an IT personal. You need to be somewhat of a cyber expert. Secondly, they give you a long list of vulnerabilities that are too much for a company to handle and the company ends up not remediating everything because that would mean taking down the entire company. So they do it once a year such as just before Xmas. They also yield many false positives. We are a next generation vulnerability management and can compete with human ethical hackers on scale and efficiency. They are limited in the number of IP addresses they can handle, so they sample a part of the network. If you have a big international company with many branches and virtual networks that go up and down, it’s impossible to test with humans .
Compromising your entire business and integrity of your brand name because you have been breached causes a huge loss of money and reputation.
We have launched the ability to support web so not only infrastructure but websites and web portals. Secondly is the whole business process aspect of vulnerability management where you can simply drag and drop your business processes to the screen and we’ll alert you if there’s a threat.