Dynamic Stateful Relationships
DSR Technology Components
Internal Risk Factors Scoring and Prioritization
‘Cyber risk’ is defined as any risk of financial loss, disruption or damage to the reputation of an organization from a failure of its information technology systems. Cyber risk is now a major threat to businesses. Companies increasingly face new exposures, including first-and third-party damage, business interruption and regulatory consequences. It is now more important than ever for businesses to understand their cyber risk threats from the inside-out. Our risk technology assesses cyber risks inside the network, aids in mitigating risk by objective evidence of vulnerabilities, and continuously monitors to ensure the risk has been effectively reduced.
Trust relationship between network clients and servers is established through encryption certificates. Unfortunately, this trust is often misplaced due to cyber criminals exploiting this trust for their own gain. Our trust validation technology follows the chain of trust for each end-entity certificate actively in-use your network to ensure it maps to an industry audited Certificate Authority (CA). After learning all the trusted CAs in your network a private trust store is built to validate all TLS encrypted sessions going forward. Certificates that fail validation will be flagged along with the device using it.
Encryption is the foundation of information security, and keeps your data from being accessed, exfiltrated, disclosed, or disrupted. Our encryption visibility technology will proactively assess the strength of the security protocols being used to ensure your data is being transmitted safely and securely. Periodically over the last few years the NSA has updated their list of obsolete encryption algorithms. Keeping up with what encryption algorithms and ciphers are actively being used in your network is critical to securing your data in motion. Our technology will monitor the negotiated TLS sessions in your network and ensure they are using the latest modernized encryption.
Identity is traditionally established by providing a username, and a password that proves the user’s identity. These credentials are the keys to accessing most digital assets in our corporate networks today. Unfortunately, operating system vendors continue to leverage insecure protocols for user authentication, and are exposing our credentials in cleartext, open to replay and MITM attacks. Seeing cleartext usernames and weakly hashed passwords on the network, gives you clear insight into how easy it is for hackers get access and escalated privileges in recent publicized attacks. Our identity domain risk provides you with a list of authentication exposures in your network, so you can quickly remediate any exposure.
Database Anomaly Detection
Databases are the vaults business use to store private information, like PII, PHI and PCI. The first databases systems were developed long before the adoption of the IP protocol, so the protocols they use today are proprietary. Unlike other client/server protocols, database protocols multiplex multiple database instance communication on a single port. Our database visibility technology was developed to decode these custom protocols so they can be effectively managed and secured. When you hear about security breaches with billions of records being exposed, you can be sure that the attack most likely involved a database.