Categories
Business Opportunities Cyber Latest News Israel News Top Stories

Behind the Scenes in Fauda

In Fauda Season 4, Episode 2, actors refer to three Israeli companies that helped Doron and the team locate the bad guys.

They are Cellebrite, Armis, and Ermetic.

I review each one and see what they do because all three have people on the ground in Australia, working with Australian entities.

Cellebrite – Digital Intelligence Solutions. Publicly listed on NYSE since August 2021. Founded 1999, 500+ employees, US$370m funding. Cellebrite’s mission is to enable its customers to protect and save lives, accelerate justice, and preserve privacy in communities around the world. Cellebrite develops digital intelligence solutions for the public and private sectors, empowering organisations to master the complexities of legally sanctioned digital investigations by streamlining intelligence processes. Cellebrite’s digital intelligence platform and solutions transform how customers collect, review, analyse, and manage data in legally sanctioned investigations.

Armis – Asset Intelligence Platform. Acquired by Insight Partner January 2020. Founded 2015. 500+ employees, US$537m funding. Armis offers an asset intelligence platform designed to address the new threat landscape that connected devices create. The platform was built to protect the extended asset attack surface, including managed, unmanaged, IT, OT, IoMT, IoT, cloud, and connected 5G assets. Armis customers are from across all industries, verticals, and segments, including governments, state, local, and education; healthcare; critical infrastructure providers; retail; manufacturing; smart cities; transport; and energy.

Ermetic – Identity-first Cloud Infrastructure Security Platform. Founded 2019. Two hundred employees and growing, US$97.25m  Funding. Ermetic is an identity-first cloud infrastructure security platform that provides holistic, multi-cloud protection in an easy-to-deploy SaaS solution. Ermetic helps prevent breaches by continuously analysing permissions, configurations, and behaviour across the full stack of identities, network, data, and compute resources. Using advanced analytics to assess, prioritise, and automatically remediate risks, Ermetic makes it possible to reduce the attack surface and enforce least privilege at scale even in the most complex cloud environments.

Each company is well-respected in the market and has civilian applications, not just homeland security. If you’re interested in a connection with their local Australian representatives, please reach out. Jeremy.Ungar@israeltrade.gov.il

Categories
Business Opportunities Cyber

illustria | Use Open Source Responsibly

illustria is your agent-less “watchdog”  for all open source libraries. Our mission is becoming a dev-velocity company, enabled via cyber security.

Developers benefit from our inline approach by reducing overhead work – early detection is crucial.

Managing and analyzing 3rd party open source components throughout the application lifecycle. Our coverage includes the download phase (including developer workstations), the different build stages, deployment and runtime. We secure applications at any stage of their lifecycle.

There is no need to install any software on your system, as the system is agent-less, via check-posts and user-transparent integrations in every stage of the application lifecycle.

In addition to commodities like CVE scanning and open-source license management (Snyk, Mend, etc.), we also protect against Supply-Chain Attacks.

https://illustria.io/

Categories
Business Opportunities Cyber

Cyrebro | Cloud-based Security Operation Platform

CYREBRO is on a mission to completely revolutionize cybersecurity operations by putting the power of a full-fledged Security Operations Center (SOC) in the hands of any user in any organization. The company provides a first-of-its-kind managed SOC Infrastructure. Users are secured with enterprise-grade security no matter the size of their business; ensuring fast and effective incident response, 24/7/365 monitoring, mitigation of cyber threats, and proactive threat intelligence. CYREBRO was developed by CyberHat.

https://www.cyrebro.io/

They’ve been around for 10 years , are building a steady workforce, sells B2B through partners and recently closed a $40M round lead by Koch Disruptive Technology.

Categories
Business Opportunities Cyber Finance, Banking & VC's

IronSphere | Security Monitoring for IBM Legacy Systems

Securiteam’s IronSphere software specialises in monitoring legacy mainframe systems still operating in banks and insurance businesses. Providing 24/7 surveillance, IronSphere’s technology monitors for security or infrastructure changes and provides real-time vulnerability reporting.

IronSphere automatically compares each application to its Security Technical Information Guidelines (STIGs) to find vulnerabilities, altered system settings, modified operands and other discrepancies.

If an issue is detected, IronSphere launches automatic diagnostic routines to determine:

  • Security problems and errors
  • Root causes
  • Which components are affected
  • Priorities of highest to lowest risk

IronSphere is seeking to connect with banks and insurance providers in the Australian market who operate with IBM legacy systems.

For all enquiries, email Luke at the Israel Trade Commission.

Categories
Business Opportunities Cyber Education Latest News Israel News Top Stories

Cyberbit | Cybersecurity Training and Simulation Platform

Looking for connections to Australian potential customers (Public sector, Gov, Defence, Enterprises and MSSP) in addition to potential distributors and resellers.

In Australia, TAFE QLD and Queensland University recently started using the Cyberbit range to train their students. Please feel free to review the videos below and see how Cyberbit has transformed its cyber training:

  1. University of Queensland, Australia chooses Cyberbit – YouTube
  2. Cyberbit delivers next-gen cyber skills to TAFE Queensland students – YouTube

If you are interested to learn more about Cyberbit, please view their website and see the brief:

Websitehttps://www.cyberbit.com/

Brief: Hundreds of organisations use Cyberbit to train their staff and students how to defend against cyber-attacks. The Cyberbit platform delivers hyper-realistic training scenarios that simulate real-world cyber-attacks in a virtual security operations center (SOC), including market-leading security tools and enterprise-grade networks. Cyberbit customers receive hands-on experience detecting, responding to, and mitigating real-world cyber-attacks and developing the muscle memory needed to respond to threats on the job. 

Some of their customers are shown below:

Categories
Business Opportunities Cyber Projects & Engineering

Waterfall Security Solutions | Cybersecurity for Industrial Networks and Critical Infrastructure

Waterfall Security Solutions develops industrial cybersecurity solutions. Based on Waterfalls Unidirectional Security Gateway technology, the company’s products offer an alternative to firewalls. Its solutions enable safe and reliable IT/OT integration, data sharing, cloud services, and all required connectivity for industrial control systems and critical infrastructures. Waterfall Security’s products can dramatically reduce the cost and complexity of regulatory compliance with NERC CIP, NRC, NIST, CFATS, ANSSI, and others. Waterfalls growing list of customers includes national infrastructures, power plants, nuclear plants, offshore oil and gas platforms, refineries, manufacturing plants, and utility companies. Deployed throughout North America, Europe, the Middle East, and Asia, Waterfall products support a wide range of industrial remote monitoring platforms, applications, databases, and protocols.

Categories
Business Opportunities Cyber Latest News Israel News Security & Safety Top Stories

Critical Infrastructure Protection

Cyber Warfare holds a grave hazard of striking national infrastructure while circumventing traditional defense systems. Israel has developed a unique legal and regulatory model for critical national infrastructure protection and has implemented it since late 2002. The Israeli approach appears to be highly successful. The nation continues to be a world‐class ICT power and to provide cyber security for its critical infrastructure and beyond, while balancing conflicting interests and fostering cooperation between public, security, academic and private sectors. The Israeli approach to Critical Infrastructure Protection and beyond, fostering cooperation between public, security, academic and private sectors, appears to be successful. This study of the evolution of the Israeli Critical Infrastructure Protection policy may assist policy-making in other countries.

The frequency and scale of cyberattacks on energy facilities are rising, and many countries are seeking new and efficient methods for protecting critical resources such as water, electricity, and gas, as well as the facilities that produce, dispense, and store energy. According to a 2020 report by the World Economic Forum, cyberattacks on critical infrastructure facilities rank fifth in terms of level and number of threats.

Critical national infrastructure is a prime target for cyber attackers. Industrial control networks employ unique, legacy devices and use proprietary ICS/SCADA protocols. Therefore, these networks require specialized security technologies. While several solutions have been developed to address these unique challenges, they all focus on the Operational Technology (OT) network and OT devices. However, OT networks and IT networks are converging. IT applications such as Human Machine Interfaces (HMIs) interconnect with OT devices and networks. Attackers take advantage of this vulnerability to initiate the attack on the IT network and use it as the gateway to the sensitive OT network.

Let’s have a look at how some of Israel’s Security companies that can protect your Critical Infrastructure;

1) ReSec: Resec’s Zero Trust platform eliminates all known and unknown (“Zero Day”) file-based malware threats at the organization’s gateway.

2) CyberSixGill: Cybersixgill brings agility to threat intelligence by introducing the Continuous Investigation/Continuous Protection™ (CI/CP) approach to security. CI/CP uses automation tools that empower security teams to collect, analyze, research, and respond after each intel development as seamlessly as possible. In order to focus on maximum security readiness at any given time, Continuous Protection is coupled with Continuous Investigation.

3) Sepio Cyber: Our mission is to provide our customers with the highest level of visibility, policy enforcement, and Rogue Device Mitigation capabilities, which will allow them to better control the access to their hardware assets.

4) IX Den: IXDen introduces a novel hardware-free/software-based approach to industrial IoT cybersecurity. Leveraging ‘biometric’ IoT device identity allowing multifactor authentication, we achieve utmost sensor data integrity on a device and sensor level.

5) SCADA Fence: SCADAfence is the global technology leader in OT & IoT cybersecurity. SCADAfence offers a full suite of industrial cybersecurity products that provides full coverage of large-scale networks, offering best-in-class network monitoring, asset discovery, governance, remote access, and IoT device security.

Categories
Automotive, Subcontracting, Metal & Machinery Business Opportunities Cyber Latest News Israel News Top Stories

Automotive Cyber Security – Innovative Solutions from Israel

Although Israel does not have car manufacturing plants or vehicle assembly lines, Israel is leading the way in mobility and intelligent transportation technologies. The global automotive industry desperately needs innovative solutions and Israeli start-ups are making their way to become the main providers of next-generation technologies in this fast-changing ecosystem. 

Autonomous vehicles, electrification, connected cars, and shared transportation are the big trends that are transforming the auto industry. Israel has a strong presence in computer software and hardware, semiconductor technology, IoT and AI expertise, radar technology, cybersecurity, LiDAR solutions, satellite communication solutions, computer vision, and sensors. Like all IoT devices, cars are getting smarter by connecting to the Internet to gather and transmit valuable data. But with increased connectivity comes increased gateways for cyberattacks, which in the case of moving cars, could prove lethal.

The increased complexity of modern cars makes securing them harder and hacking them potentially easier. There are multiple channels through which one can infiltrate a car’s inner networks, like the peripheral connectivity ports such as Bluetooth, Wi-Fi, and on-board diagnostics; as well as automotive cloud servers such as telematics, which could allow hackers to take control over multiple vehicles at once; and other mobile applications packaged together with the car. The combination of the potentially devastating security risks and the high frequency of attacks on automotive networks now call for automotive cybersecurity companies to assume a crucial role in public safety.

Here are few Israeli companies offering innovative solutions for Automotive Cyber Security: 

Argus Cyber Security 

The ready-to-embed products protect against malicious intrusions that may compromise data privacy or electronic control units. Argus enables car manufacturers and suppliers to offer connectivity without compromising privacy or safety. Argus solutions prevent recalls and apply equally to aftermarket connectivity platforms. An easily integrated and seamlessly updating cybersecurity layer uses Deep Packet Inspection (DPI) algorithms to detect OS anomalies, isolate suspicious applications, and prevent the spread of attacks.

Arilou

The Security Agent solution is an intrusion detection and prevention system that can be integrated into a vehicle’s existing CAN bus and blocks any attempt by devices on the network to send illegal or prohibited messages. Security Agent aims to secure all vehicles, regardless of how vulnerable or buggy their connected devices may be. 

C2A Security

  Developing cyber security for connected vehicles. The solution’s major features include easy integration with existing CAN bus solutions at the OEM or Tier 1 level and aftermarket; customizations based on artificial intelligence and machine learning for individual makes and models; low-cost BOM; hardware that is a simple connector using approved parts; software on one ECU with a very small footprint that doesn’t require regular downloads; no CAN bus reprogramming and artificial intelligence that can minimize potentially life-threatening errors. 

Engimatos

Enigmatos provides solutions for existing and emerging car architectures. The Intrusion Detection and Prevention Solutions are based on in-car data collection on different levels – communication (e.g. CAN, Flexray, Ethernet) and other critical lines, as well as cloud-based analysis. Their Machine Learning models are tailor-made for automotive anomalies and threats.

 GuardKnox

Offers automotive manufacturers a comprehensive cyber security hardware solution, which fits the automotive value chain and alleviates the difficulties of integrating a software solution. The unique Lockdown Methodology, developed by the GuardKnox team, has been successfully deployed for use in Israel’s Iron Dome and Arrow III missile defense systems, as well as the Israeli F-35 fighter jet. 

Karamba Security

Prevents hackers from attacking connected cars and autonomous platforms. Karamba’s embedded software eliminates cyber-related recalls, by automatically hardening ECUs according to factory settings and preventing cyber-attacks, which do not comply with factory settings. 

Nano Lock Security

NanoLock Security patented access control platform provides a locking /unlocking mechanism, for solid-state memory, CPUs, and Microcontrollers. NanoLock Security controls the ability to write to specified areas. The device’s protected areas are in Read-Only by default. Remote machine-to-machine (M2M) unlocking can only be done using a one-time programmable (OTP) password. The device’s OTP password changes after every authorized unlock.

Upstream Security

A cloud-based cyber security solution that protects the technologies and applications of connected and autonomous vehicles. Upstream Security leverages big data and machine learning to provide OEMs and vehicle fleets with comprehensive non-intrusive defense. 

SafeRide Technologies

Offers a vehicle cyber security solution, targeted at commercial fleets and private vehicles – that enables vehicle safety and protection of personal data & privacy, trade secrets, vendor reputation, business operations, intellectual property, and human lives. 

Categories
Business Opportunities Cyber Latest News Israel News Top Stories

Combatting Corporate Cyberattacks with the Cyber-Dome

As the corporate world transitions towards increased digitization, cyberattacks become more frequent and wide-reaching. According to Israeli-American cyber firm Check Point’s 2022 Cyber Security Report, 2021 saw a 50% increase in corporate cyberattacks from 2020. The recent high-profile hacks of SolarWinds and Colonial Pipelines, in particular, have brought renewed attention onto cybersecurity in the professional realm.

In the spring of 2022, the Israel National Cyber Directorate (INCD) and Israeli Ministry of Communications announced new regulations and mandatory cybersecurity standards to combat this rise in digital attacks. Under the new guidelines, Israeli communications services are required to implement various measures to bolster their digital defenses, including conducting frequent vulnerability scans and applying protection standards for suppliers and contractors.

During the recent Cyber Week conference in Tel Aviv, INCD Director General Gaby Portnoy stressed the importance of proactive and innovative solutions to cybersecurity. Rather than merely mitigating attacks as they arise, Portnoy called for the establishment of a “Cyber-Dome”, a comprehensive cyber defense strategy utilizing new mechanisms for detection, analysis, and mitigation of threats. Notably, he presented gaps in security as potential opportunities for cyber firms to develop cybersecure-by-design solutions for recurring and emerging risks. 

In particular, Portnoy emphasized the importance of cooperation between government regulators, the cybersecurity industry, researchers, and individual consumers to limit cyber threats. As cyberattacks arise from a multitude of sources, no single solution on its own could protect companies against attackers. 

A key element of the multi-pronged cybersecurity strategy is a zero-trust approach to IT, which assumes that no user or device can be trusted until adequately verified. Utilizing two-factor authentication, access controls, and “micro-perimeters” to protect higher-sensitivity data, zero-trust is among the most effective methods of protecting against cyberattacks. Recognizing networks’ vulnerability once they have been breached, the zero-trust model implements security checkpoints at various stages to identify and isolate breaches as they occur. 

Israeli companies have developed various innovative solutions to prevent and combat cyberattacks. Below is a list of Israeli cybersecurity companies that are leading the charge in zero-trust and anti-breach technologies:

NanoLock is a zero trust, device-level solution that prevents outsider, insider, and supply-chain attacks as well as human errors, regardless of the attack origin, cyber event, or exploited vulnerability. It accomplishes this all without affecting the device or machine’s functionality and performance, with near-zero resource consumption, and with compatibility across both legacy and new devices and machines.

Hunters develops security operations solutions by combining data engineering, security expertise, and layers of automation to expedite decision making, helping security teams become attack-ready. Hunters infuses how attackers think and act into a platform that helps security operations see and stop attacks at their root. Hunters XDR is a purpose-built, turn-key security data and analytics platform, providing cloud-scale access to telemetry sources across the entire attack surface coupled with automated event prioritization, correlation, and investigation.

Illusive Networks uses deception technology to stop cyberattacks by detecting and disarming attackers, destroying their decision-making processes, and depriving them of the means to move laterally toward attack targets. Illusive’s deceptions are designed to eliminate high-risk pathways to critical systems, force attackers to reveal themselves early in the threat lifecycle, and capture real-time forensics that accelerate incident response.

XM Cyber is a global leader in attack-centric risk prioritization, which is also known as risk-based vulnerability management (RBVM). The XM Cyber platform enables companies to rapidly respond to cyber risks affecting their business-sensitive systems by continuously finding new exposures, including exploitable vulnerabilities and credentials, misconfigurations, and user activities.

CYE brings a fact-based approach to organizational cyber defense and takes the guesswork out of cyber risk management. Utilizing data, numbers, and facts, CYE helps security leaders know what business assets are at risk and execute cost-effective remediation projects for optimal risk prevention.

Cybereason provides future-ready cyberattack protection that unifies security from the endpoint, to the enterprise, to everywhere the battle moves. The Cybereason Defense Platform combines the industry’s top-rated endpoint and extended detection and response, next-generation anti-virus, and proactive threat hunting to deliver context-rich analysis of every element of a malicious operation.

Sources: StartUpNationReutersForbesVentureBeatI24NEWSGov.ilCheck PointThe Jerusalem Post

Categories
Business Opportunities Cyber

TripleP | Cyber Security Experts | Cyber Awareness and Information Security Training Programs

TripleP is a leading Israeli Cyber and Information Security Training and Consulting company since 2018.

Training

Cyber awareness and Cyber professional programs for organizations and to assist companies regarding data privacy regulations.

Consulting Services and capacity Building

Consultants and Trainers are former intelligence experts, such as Israeli army unit 8200, with extensive Cyber security and IT knowledge and include former senior CIOs and CISOs

https://www.thetriplep.org/