RedSeal Extends Digital Resilience Platform Across Network Environments, Improves Security and Network Teams’ Productivity with New Integrations

Expedites Analysis with Seamless Integration into Network Security Products from Splunk, Rapid7 and ForeScout

SUNNYVALE, Calif. – Today RedSeal (www.redseal.net) announced enhancements and new integrations for its market-leading network modeling and risk scoring platform. The enhancements will give RedSeal users a single, comprehensive understanding of network security across their datacenter, cloud and software-defined networks.

The enhancements also help security teams be more productive despite ever-increasing demands by delivering actionable intelligence from RedSeal’s network modeling platform directly into Splunk’s Enterprise Security SIEM, Rapid7’s Nexpose vulnerability management software, and ForeScout’s CounterACT.

“Enterprises today have complex network infrastructures with many point product security solutions,” said Ray Rothrock, chairman and CEO of RedSeal. “To improve their resilience in the face of inevitable attacks, they need a holistic view of their network that’s deeply integrated with their current security solutions.”

Platform Enhancements

The digital infrastructures for nearly all Global 2000 companies include on-premise, cloud and virtualized networks. The resulting networks are large, complex, and constantly changing, making a complete and detailed understanding of the current state of a network very difficult. To address this, RedSeal can now model complete networks – including software-defined networks (SDNs) in VMware NSX and enhanced modeling of Amazon Web Services Virtual Private Clouds (VPCs).

RedSeal provides critical visibility into access controls for these SDN environments, and alerts users to violations of customized policies they’ve established for their organizations.

Expanded Integrations with Splunk, Rapid7 and ForeScout

To streamline security teams’ efforts, and further improve network security, RedSeal now integrates into the user interfaces of Splunk’s Enterprise Security SIEM, Rapid7’s Nexpose vulnerability management software, and ForeScout’s CounterACT.

This improves the efficacy of each of these products, giving their users unprecedented network context within the tools, and in the format, they’re already using. Specifically:

  • Integration with Splunk’s Enterprise Security SIEM accelerates incident response efforts. RedSeal provides the SIEM with critical network context and identifies access paths to and from Indicators of Compromise (IOC) leading to other critical assets.
  • Integration with Rapid7’s Nexpose vulnerability management software identifies gaps in vulnerability scan coverage.
  • Integration with ForeScout’s CounterACT prioritizes hosts in terms of actual risk so appropriate action can be taken.

“Customers tell us that RedSeal’s unique information adds value to a number of their security functions,” said Rothrock. “Now they can get this information without having to open and learn another product. These apps give our customers even more productivity and efficiency, accelerating their ability to identify and respond to problems.”

To learn more, visit RedSeal Integration Apps.

About RedSeal

RedSeal’s network modeling and risk scoring platform is the foundation for enabling enterprise networks to be resilient to cyber events and network interruptions in an increasingly digital world. RedSeal helps customers understand their network from the inside, out – and provides actionable intelligence, situational awareness and a Digital Resilience Score to help enterprises measure and ultimately build greater resilience into their infrastructure. Government agencies and Global 2000 companies around the world rely on RedSeal to help them improve their overall security posture, accelerate incident response and increase the productivity of their security and network teams. Founded in 2004, RedSeal is headquartered in Sunnyvale, California and serves customers globally through a direct and channel partner network.

The Bleed Goes On

Some people are surprised that Heartbleed is still out there, 3 years on, as you can read here. What this illustrates is two important truths of security, depending on whether you see the glass half full or half empty.

One perspective is that, once again, we know what to do, but failed to do it. Heartbleed is well understood, and directly patchable. Why haven’t we eradicated this by now? The problem is that the Internet is big. Calling the Internet an “organization” would be a stretch – it’s larger, more diverse, and harder to control than any one organization. But if you’ve tried to manage vulnerabilities at any normal organization – even a global scale one – you have a pretty good idea how hard it gets to eliminate any one thing. It’s like Zeno’s Paradox – when you try to eradicate any one problem you choose, you can fix half the instances in a short period of time. The trouble is that it takes about that long again to fix the next half of what remains, and that amount again for the half after that. Once you’ve dealt with the easy stuff – well known machines, with well documented purpose, and a friendly owner in IT – it starts to get hard fast, for an array of reasons from the political to the technical.

You can reduce the prevalence of a problem really quickly, but to eradicate it takes near-infinite time. And the problem, of course, is that attackers will find whatever you miss – they can use automation to track down every defect. (That’s how researchers found there is still a lot of Heartbleed out there.) Any one instance you miss might open up access to far more important parts of your organization. It’s a chilling prospect, and it’s fundamental to the unfair fight in security – attackers only need one way in, defenders need to cover all possible paths.

To flip to the positive perspective, perhaps the remaining Heartbleed instances are not important – that is, it’s possible that we prioritized well as a community, and only left the unimportant instances dangling for all this time.  I know first-hand that major banks and critical infrastructure companies scrambled to stamp out Heartbleed from their critical servers as fast as they could – it was impressive.  So perhaps we fixed the most important gaps first, and left until later any assets that are too hard to reach, or better yet, have no useful access to anything else after they are compromised.  This would be great if it were true.  The question is, how would we know?

The answer is obvious – we’d need to assess each instance, in context, to understand which instances must get fixed, and which can be deferred until later, or perhaps until after we move on to the next fire drill, and the fire drill after that. The security game is a never-ending arms race, and so we always have to be responsive and dynamic as the rules of the game change.  So how would we ever know if the stuff we deferred from last quarter’s crises is more important or less important than this quarter’s?  Only automated prioritization of all your defensive gaps can tell you.
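The contextual triage argued for above, as an added example (not RedSeal's product logic and not code from the original post): each still-vulnerable host is ranked by whether an untrusted network can reach it and whether it can reach a critical asset. The host names, access graph and tier names are constructed for illustration.

```python
from collections import deque

# Constructed sample data: an edge A -> B means "A can open a connection to B".
ACCESS = {
    "internet": ["web-dmz", "vpn-gw"],
    "web-dmz": ["app-01"],
    "vpn-gw": ["jump-01"],
    "app-01": ["db-core", "web-dmz"],   # return path creates a cycle
    "jump-01": ["db-core", "hr-files"],
    "build-03": ["db-core"],
    "lab-old": ["print-02"],
}
CRITICAL = {"db-core", "hr-files"}
# Hosts a scanner still reports as unpatched (constructed).
VULNERABLE = {"web-dmz", "jump-01", "build-03", "kiosk-07", "lab-old"}
TIERS = ("fix-now", "fix-next", "defer")


def reachable(graph, start):
    """Every node reachable from start, start included; cycle-safe BFS."""
    seen, queue = {start}, deque([start])
    while queue:
        for nxt in graph.get(queue.popleft(), ()):
            if nxt not in seen:
                seen.add(nxt)
                queue.append(nxt)
    return seen


def prioritize(graph, vulnerable, critical, untrusted="internet"):
    """Rank vulnerable hosts by exposure and by what they can reach."""
    exposed = reachable(graph, untrusted)
    rows = []
    for host in vulnerable:
        # A vulnerable host that is itself critical counts as reaching itself.
        at_risk = sorted(reachable(graph, host) & critical)
        is_exposed = host in exposed
        if is_exposed and at_risk:
            tier = "fix-now"      # reachable from outside and leads to critical assets
        elif is_exposed or at_risk:
            tier = "fix-next"     # only one of the two conditions holds
        else:
            tier = "defer"        # isolated and leads nowhere important
        rows.append((host, tier, is_exposed, at_risk))
    # Order by tier, then by how many critical assets are at risk, then by name.
    rows.sort(key=lambda r: (TIERS.index(r[1]), -len(r[3]), r[0]))
    return rows


if __name__ == "__main__":
    for host, tier, is_exposed, at_risk in prioritize(ACCESS, VULNERABLE, CRITICAL):
        print(f"{tier:9} {host:9} exposed={is_exposed!s:5} reaches={at_risk}")
```

Re-running the ranking whenever the access graph or the scan results change is what lets last quarter's deferred items be compared against this quarter's.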

Why 2017 Will Be the Worst Year Ever for Security

INFO WORLD and IT WORLD | February 2, 2017

Sony. Anthem. The Office of Personnel Management. Target. Yahoo. The past two years have seen one mega-breach after another—and 2017 promises to be the most catastrophic year yet.

Security experts have long warned that most organizations don’t even know they’ve been breached. Attackers rely on stealth to learn about the network, find valuable information and systems, and steal what they want. Only recently have organizations improved their detection efforts and started investing the time, capital, and people needed to uncover vulnerabilities. When they do, the results are often alarming.

“I think we are going to find more, not less, breaches in 2017,” says Ray Rothrock, CEO of RedSeal, a security analytics firm.

RedSeal Wins Contract to Support DISA’s Cyber Network Operations

ARMY TECHNOLOGY NEWS | February 2, 2017

RedSeal has secured a contract to monitor the cyber network operations of the US Defense Information Systems Agency (DISA).

Valued at $33.8m, the contract requires the company to model and monitor the infrastructure of the Joint Regional Security Stacks (JRSS), a US Department of Defense (DoD) programme to create a standard security architecture, which will eventually support more than 95% of the DoD’s network.

RedSeal Reaches Profitability in 2016 with Strong Year-Over-Year Growth

Network Modeling and Risk Scoring Company More Than Doubles Q4 Revenue as Demand for Digital Resiliency Increases

SUNNYVALE, Calif. — RedSeal (redseal.net), the leader in network modeling and cyber risk scoring, today announced its 2016 bookings were up 45 percent compared to the previous year, and the company was cash flow positive by nearly $5 million in the fourth quarter alone.

Demand for RedSeal’s network modeling and risk scoring platform is steadily growing as security teams seek to combat cyber attacks by gaining a comprehensive understanding of network security across their datacenter, cloud, and software-defined networks.

“It’s not a question of if an organization will suffer a security breach, but when,” said Ray Rothrock, CEO of RedSeal. “That’s why digital resiliency has become a critical part of any effective cyber defense strategy. To minimize harm and loss, organizations must be able to operate through impairment and rebound quickly. To do that, they need a network modeling and risk scoring platform that puts decision-making power right in their hands.”

Highlights of RedSeal’s fourth quarter performance include a 113% overall increase in bookings, a 25% jump in commercial bookings, and a 105% increase in revenue over the same period in 2015. New business in the fourth quarter was up 139% and expansions increased by 123% compared to Q4 of 2015. This includes the close of a $31 million multi-year contract—the largest subscription deal in its history. Additionally, gross margins climbed to 86% in fiscal year 2016, up from 77% the previous year.

RedSeal’s proven network modeling and risk scoring platform has been implemented by over 40 government agencies and hundreds of commercial enterprises. Overall, RedSeal acquired 52 new customers in 2016 from across government agencies and commercial sectors, including a range of technology, professional services, retail, and financial services companies.

One of the newest customers is the Defense Information Systems Agency (DISA), which signed a multi-year license for RedSeal’s network modeling and risk scoring platform. DISA is providing RedSeal’s platform to all U.S. Army networks, USAF boundary networks, and several other DISA networks. The contract is a strong reflection of RedSeal’s ability to streamline the efforts of security teams and further improve network security via the company’s market-leading network modeling and risk scoring platform.

On the international front, RedSeal grew its global presence in 2016, opening new offices in Japan and Canada, and accelerating its traction around the world. Overall, the company has increased headcount by 43 percent since the beginning of 2016.

The momentum continued as RedSeal rounded out its management team in 2016 with the addition of Julie Parrish as Chief Marketing Officer and Nash Kapoor as Regional Vice President for EMEA. Parrish is leading the company’s global effort to position RedSeal as the thought leader in digital resilience and further drive demand for the company’s network modeling and risk scoring platform. Kapoor brings over 15 years of experience as an IT sales professional and manager to RedSeal with a proven track record of overachievement in new business sales. His tenure includes roles at IKON, Dell, Symantec, and most recently Varonis.

U.S. Defense Information Systems Agency (DISA) JRSS Program Chooses RedSeal for Continuous Monitoring of Cyber Network Operations

SUNNYVALE, Calif. – RedSeal (www.redseal.net), a leader in the network modeling and scoring market, announced that the Defense Information Systems Agency (DISA) has awarded a multi-year contract for its network modeling and risk scoring platform valued at $33.8M.

In an effort to create a highly-resilient global DoD network, DISA will use RedSeal to model and continuously monitor the infrastructure of the Joint Regional Security Stacks (JRSS), provide visibility into network segmentation and measure overall resiliency to deliver risk based situational awareness.

JRSS is a Department of Defense (DoD) program that creates a single, standardized, security architecture, which will eventually support more than 95 percent of the DoD’s network. JRSS performs firewall functions, intrusion detection and prevention, enterprise management, virtual routing and forwarding (VRF), and a host of network security capabilities. By deploying JRSS, DISA centralized the security of its networks into regional architectures, moving away from the more vulnerable, locally distributed architectures that are spread across each military base, post, camp, or station.

“The JRSS stacks are located at strategic military installations around the world, creating a massive, varied and dispersed network that supports critical military services. Its resilience is a matter of international security,” said Kimberly Baker, VP and GM RedSeal Public Sector. “From Fort Meade, the Joint Management Program monitors, manages and controls DoD digital operations all over the world. They need effective metrics to understand the real-time health of the global network, and RedSeal proved to be the best choice for ensuring its resilience under relentless probing and attack.”

To further improve the resilience of their networks – and as a result of this agreement – DISA will be providing RedSeal’s powerful modeling and risk scoring platform to all U.S. Army networks, USAF boundary networks, and several other COCOM networks.

“The new cyber battleground is inside the network, not at the perimeter,” said Ray Rothrock, chairman and CEO of RedSeal. “DISA chose RedSeal because our platform will help them more clearly manage and measure their cyber strategies and investments. This selection by DISA underscores the value RedSeal delivers to military and federal organizations, as well as enterprises at-large. As a company, we’re proud to help DISA’s teams be more resilient by being better prepared to sustain critical operations and protect high-value assets.”

Trump Administration Should Read and Heed Obama Cyber Report

SIGNAL | January 31, 2017

By Ray Rothrock

As the nation deals with intelligence reports of Russian hacks of the U.S. presidential election, some of us in industry are pondering how President Donald Trump will tackle cybersecurity issues.

He already has a good road map. In December, the Commission on Enhancing National Cybersecurity issued its “Report on Securing and Growing the Digital Economy.” Kudos are in order. It is high time the executive branch dug deeply into cybersecurity issues.

20 Ways to Attract Good Luck

Inc. | January 30, 2017

If you’ve ever known someone who seems to consistently experience good luck, know this: luck is something you can attract toward yourself. In fact, research has found a correlation between good luck and the right attitudes and choices in life. Check out these quotes from a pile of executives who share their views on how anyone can be luckier….

#14. Be prepared.

“Preparation is a necessary prerequisite to good luck. Good luck occurs when an opportunity presents itself and you are prepared with knowledge, experience, and risk-taking ability. You need knowledge to recognize opportunities among the noise, you need experience to identify the patterns these opportunities often form, and you need the courage to take a chance. What people often say is good luck is simply a good choice based on evidence and risk.”

–Ray Rothrock, chairman and CEO of cybersecurity resiliency company RedSeal.

Cyber-criminals Can Rat on Rippers Using New Reputation Service

SC MEDIA UK | January 27, 2017

Anyone who has ever spent any time trawling the Dark Web will appreciate what a den of iniquity it is. Cyber-criminals use forums as marketplaces to trade in everything from stolen credit cards to exploit kits that help steal those credit cards in the first place.

The trouble is, there doesn’t tend to be much loyalty amongst thieves. “Fraud between cyber-criminals has always been an issue that limited the profitability of their malicious campaigns,” the Digital Shadows report states.

Those who commit fraud are often known as rippers, and every transaction within these dark markets now includes a “ripper tax” that decreases the profit for “legit criminals”.

Shadow Brokers Turn Out the Lights

The Shadow Brokers are turning out the lights. On their way out they dumped another suite of alleged National Security Agency hacking tools. Unlike last time, where the released exploits focused on network gear from vendors such as Cisco and Fortinet, these tools and exploits target Microsoft Windows operating systems. Most of the sixty-plus exploits are already detected by antivirus vendors, such as Kaspersky, and it is a safe bet that all antivirus vendors will detect them shortly.

In Shadow Brokers’ farewell post, they say they are leaving the account open for someone to deposit 10,000 bitcoins — the equivalent of $8.2 million — to obtain the entire cache of alleged NSA hacking tools. To date, no one has paid the requested amount. With such a high price it has been speculated that the Shadow Brokers never seriously expected anyone to pay. This leads some to believe they are associated with a nation state that is trying to cause headaches for US spy agencies and the administration.

What can be done to protect your systems from these tools and exploits? Basic security practices, of course. Keep your systems up to date with patches and operating system releases. Practice your usual good cyber hygiene, such as not clicking on links in emails. Be conscientious about what you plug into your home or business computers, as a lot of malware can spread through external hard drives and USB sticks.

Also, it is imperative to have good backups and test your backups. Many times after a breach occurs, organizations find out too late that they’ve never tested their restore procedures to verify they have good backups. Or, they learn that their backups have been infected with malware from previous backups of compromised systems.

Have an incident response plan in place and practice your incident response plans regularly. Having a plan is great. But you need to practice to make sure your team can execute your plan. A plan without practice is the equivalent of a firefighter knowing it takes water to put a fire out, but not knowing how to get the water off of the fire truck and onto the fire.

Know your network, and consider using RedSeal. Even if you don’t use us, knowing your network will lead to greatly enhanced resilience and enable your incident responders to keep business and mission critical systems online and functioning during an incident. Security is not sexy, despite what Hollywood depicts. There is no silver bullet that will magically make your network impervious. It takes hard work and continuous effort to build and maintain resilient networks. So, do you know yours — completely?