Cyber Defense Reinvented - Israel Dealmakers Summit 2017

Posted by Ronen Yehoshua on Apr 3, 2017 10:49:48 AM

Last week I had the pleasure of speaking at the Israeli Dealmakers Summit in Silicon Valley. With over a thousand of the world’s top corporations, investors and entrepreneurs, it’s known as the largest and most prestigious Israel-focused business event. While it was exciting to participate, the real privilege was to be able to help showcase the innovative ideas and technology coming out of Israel.

Read More

Topics: Company, Moving Target Defense, Endpoint Security, cybersecurity

Malware Is a Symptom – Don’t Treat Symptoms

Posted by Arthur Braunstein on Mar 30, 2017 3:00:29 AM

Imagine this. You are in charge of public health and must deal with an unrelenting epidemic. You have two options for protecting the population.

The first option is to monitor each person for symptoms of infection. You buy analytical technology and infrastructure, hire staff and build hospitals. You send forth specialists to monitor everyone. When they notice symptoms, more tests are performed. The symptoms are
subtle (fatigue, headache, stiffness), and healthy and sick people look a lot alike, so to be on the safe side you test far more people than are truly ill. Once you suspect infection, you quarantine the person and start a course of treatment. Sometimes the people are cured. Sometimes they are not. You can’t guarantee that you will find everyone who is infected. Or that everyone you treat is ill. The monitoring and mandatory quarantine intrude on civil liberties, disrupt lives and interfere with the economy. To compound matters, the disease mutates, so you have to continually design new screening tests and retrain the specialists.

Read More

Topics: 0-day exploits, Moving Target Defense, Advanced Persistent Threats, Endpoint Security

VDI  - the Good, the Bad and the Answer

Posted by Netta Schmeidler on Oct 5, 2016 10:55:59 AM

A Brief History

Virtual Desktop Infrastructure (VDI) is not a new concept – in fact virtualized desktops can be traced back to the 1960s, when IBM divided up mainframes into virtual machines to allow for multiple, simultaneous users. The modern take on VDI emerged around 2007 with the Virtual Desktop Manager by VMware. Citrix entered the game in late 2008. Over the next years, VDI and grew steadily but slowly. Until recently. The emergence of cloud-hosted virtual desktop solutions has accelerated VDI adoption by enterprises and smaller organizations alike.

Read More

Topics: Moving Target Defense, Endpoint Security, cybersecurity, VDI

Reflections on Black Hat USA

Posted by Arthur Braunstein on Aug 17, 2016 6:49:53 PM

 

This year’s Black Hat USA conference was bigger and badder than ever, with attendance up nearly 30% according to show organizers. Of all the security conferences, Black Hat has the most clear divide between the technical practitioner side and the security vendors, and the main themes varied depending on which side of the divide you were standing.  From the practitioner side, these ranged from enhancing technical skills (excellent training) to strategies and threats, to leadership and alignment with the business. The instructors and presenters were world class, the content was superb, and thoughtfulness and creativity were everywhere.

All good for the practitioners and kudos to the organizers. On the vendor side, things were a little more nuanced.

Read More

Topics: Exploits, Moving Target Defense, Endpoint Security

There’s a Madness to the Method - Surreal Logic in Cybersecurity

Posted by Arthur Braunstein on Jun 15, 2016 1:23:26 AM

 

Imagine a conversation like this.

ASPIRING VIOLINIST:  Maestro, what should I do to be a violin virtuoso?

MAESTRO: You must practice 48 hours every day on the tuba. I will sell you a tuba.

ASPIRING VIOLINIST:  But there are only 24 hours in a day. Did you say tuba?

MAESTRO: If you won’t follow my advice, I can’t help you.

More Madness than Method

It sounds absurd, but conversations like this unfold daily when enterprise cyber practitioners meet with industry vendors and security consultants. The industry tells them that they are not doing enough. They must install more security technology, hire more analysts, and patch more frequently. This may seem simple; merely a matter of budget and execution. But the technology is not up to the task and the cost of following this advice to the letter would force enterprises to spend themselves out of existence. And it still wouldn’t work. Not enough hours, wrong instrument.

Read More

Topics: Exploits, Moving Target Defense

The Fall of Signature-based Endpoint Protection; the Rise of Moving Target Defense

Posted by Ursula Ron on Jun 9, 2016 3:16:35 PM

Here is a treat for our Polish speaking readers!

In yesterday’s interview with Poranek WTK, Dawid Nogaj, CEO of PC Service and authorized Morphisec distributor in Poland, explains why signature-based endpoint security solutions are on their way out. After his participation at Morphisec’s first Distributor Summit at the beginning of March, Dawid is more convinced than ever that Moving Target Defense is the ultimate answer to advanced threats.

Read More

Topics: Company, Moving Target Defense, Endpoint Security

Outsmarting Smart Malware

Posted by Ursula Ron on Jun 1, 2016 8:40:08 AM

In an article published by Tech Crunch last week, tech reporter Ben Dickson investigates the new generation of smart malware. He manages to sum up the crux of the problem in two sentences: “Virus definition databases don’t seem to account for the growing number of new malware species and variants, especially when they’re smart enough to evade discovery. More devious genus of malware are succeeding at even duping advanced security tools that discover threats based on behavior analysis.”

Read More

Topics: Moving Target Defense, Zero-day, cybersecurity

Ransomware: Coming to an Endpoint Near You

Posted by Morphisec Team on May 24, 2016 4:00:00 PM

 

Recently, software engineer and noted tech journalist Ben Dickson explored the growing threat of ransomware in an article in The Daily Dot. He gives a thorough yet remarkably non-techie overview before tackling the difficult part – what can companies and individuals do to protect themselves. Dickson turned to our own Ronen Yehoshua, CEO of Morphisec, to understand why traditional security approaches fail and possible solutions.

Read More

Topics: Moving Target Defense, APT, Ransomware

Moving Target Defense: Common Practices

Posted by Morphisec Team on May 23, 2016 1:35:47 PM

Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.

In the arms race between cyber attackers and cyber defense technologies, attackers currently claim control. They employ sophisticated deception techniques designed to evade traditional and even “next generation” defense mechanisms, for example by hiding malicious behavior and disguising it as benign or unknown behavior. We outlined these techniques, collectively known as Moving Target Attacks (MTA), in our previous blog post. But there is a cyber defense strategy that breaks the attack-patch cycle. Moving Target Defense (MTD) uses counter-deception techniques that constantly change the target surface, so that attackers can’t get a foothold.

Read More

Topics: Moving Target Defense, Mordechai Guri, cybersecurity

Moving Target Attacks: Techniques & Deception Methods

Posted by Morphisec Team on Apr 28, 2016 12:42:29 AM

Excerpted from the ebook “Deception and Counter Deception: Moving Target Attacks vs. Moving Target Defense” by Mordechai Guri, Chief Science Officer at Morphisec. Download the full eBook here.

Cyber attackers constantly develop new methods to overcome organizations’ detection and response mechanisms. The most effective and insidious are deception techniques that make it impossible to anticipate the attacker’s next onslaught. With these new techniques, collectively known as Moving Target Attacks (MTA), new strike variations can be bred in a matter of hours.

Read More

Topics: Moving Target Defense

Check out our Attack Analyses!

Take a deep dive into technical analyses of attacks prevented by Morphisec.

Subscribe to our Blog

Happy to keep you in the loop with industry insight, cyber security trends,  and cyber attack information and company updates.

Morphisec Named a Cool Vendor 2016

Morphisec is a Gartner Cool Vendor 2016

Each year Gartner identifies new Cool Vendors it considers innovative or transformative. Morphisec is honored be to named a Cool Vendor 2016. Here's more....