Supporting the DoD’s Defend Forward Initiative

 

What is Defend Forward?

The DoD’s Defend Forward operational concept has been rolling out over the past few years. Policy makers and cyber defenders in government realized that, just as the situation in Afghanistan led directly to the rise of Al-Qaeda and the 9/11 attacks, the situation in cyberspace was going to lead to a crippling cyber-attack of similar power.

However, unlike Afghanistan, where a power vacuum was created by the withdrawal of the Soviet Union, the Internet was designed from the outset to be open. By design, there are no police; no organization with the authority and the power to punish bad actors. The cavalry are stuck in the fort.

Something had to change.

Cyber Protection Teams (CPTs) working at the Department of Defense (DOD) were restricted to preparing for and responding to attacks on their own network. Hacktivists, cyber criminals, and nation state adversaries were not restricted in the same way. This unequal playing field was addressed by removing the restriction on CPTs and allowing them to operate, if asked, in the networks of foreign countries. This new operational concept is called Defend Forward.

The goal of Defend Forward is to move out into cyberspace and inflict costs on bad actors, especially other nation states. As most adversary cyber teams tend to use and reuse the same tactics, techniques, and procedures (TTPs), finding malware on foreign networks and publicizing it forces those cyber attackers to create new methods. This takes time, effort and money. By shining a light on these playbooks, friendly nations, other parts of government and civilians will know what to look for, further disrupting cyber attack operations. Lastly, this serves as a signal to enemies that we know about their procedures and puts them on the defensive.

 

How Do We Protect the Base?

While Defending Forward is off to a promising start, it is only a part of the ongoing cyber war. A “whole-nation” effort is needed, involving both government and industry. Only 10% of the critical infrastructure networks in the U.S. are controlled by our government. Industry needs to do its part and protect the home base.

We need to know our networks better than the attackers do. We need to make sure our networks are set up securely as we intended. We need to find and mitigate the highest risk issues first. Our complex networks make this very hard to do without technical support.

RedSeal’s cyber terrain analytics platform and professional services help all organizations improve their resilience to security events by understanding what’s on their networks, how it’s all connected, and the associated risk. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. RedSeal continually checks to see if a network’s segmentation is working as designed, ranks end point vulnerabilities in order of risk, and adds knowledge of your network to determine how accessible the vulnerability is to untrusted networks and what it will expose if compromised.

Click here to view the webinar titled, “Defend Forward, But Protect Your Base” with Wayne Lloyd, RedSeal Federal CTO and Mike Lloyd, RedSeal CTO.

Contact us for more information about how RedSeal can help you support our cyber protection teams.

Pets vs cattle: How to get cloud and DevOps security right

ITProPortal | September 25, 2020

A look at security, both on-premise and in the cloud.

By Dr. Mike Lloyd

In a world as nebulous as cloud computing and DevOps, analogies can sometimes help us to think more clearly. The idea of “pets versus cattle” was first used nearly a decade ago to help delineate the difference between traditional on-premises IT and the cloud, and has become a firm favorite in the DevOps community ever since. But there are also lessons here for cybersecurity teams, as long as they’re able to see through the limits of the analogy and understand where the main challenges are.

RedSeal Wins 2020 Cloud Computing Security Excellence Award

Cloud Computing Magazine | September 17, 2020

RedSeal was named a winner of a Cloud Computing Security Excellence Award, presented by Cloud Computing Magazine. These awards honor solutions in two categories: those that most effectively leverage cloud platforms to deliver network security, and those providing security for cloud applications.

“Congratulations to the winners of the 2020 Cloud Computing Security Excellence Award,” said Rich Tehrani, CEO, TMC. “We’ve seen remarkable progress as security continues to be perhaps the leading consideration in cloud deployments, making this a very competitive process. There are literally hundreds of new players in the market than just a few years ago. It’s our pleasure to recognize such impressive and important contributions to the cloud marketplace.”

RedSeal Named 2021 TAG Cyber Distinguished Vendor

TAG Cyber | September 22, 2020

RedSeal announced today its selection by TAG Cyber as a Distinguished Vendor in the 2021 Security Annual. The Security Annual is designed to help enterprise teams identify security gaps and determine what solutions should be part of their security portfolio.

Each distinguished vendor was selected by the TAG Cyber Analyst team, led by Dr. Edward Amoroso, CEO of TAG Cyber.

“We’re happy to support the work of Ed and his team at TAG,” said Bryan Barney, CEO of RedSeal. “They provide world class analysis and truly understand what our platform brings to enterprise customers around the world.”

RedSeal Named 2021 TAG Cyber Distinguished Vendor

SAN JOSE, Calif.— RedSeal (www.redseal.net), whose award-winning cyber terrain analytics platform helps companies measurably reduce their cyber risk, announced today its selection by TAG Cyber as a Distinguished Vendor in the 2021 Security Annual. The Security Annual is designed to help enterprise teams identify security gaps and determine what solutions should be part of their security portfolio.

The 2021 Security Annual is part of a series from TAG Cyber that has been published each September since 2016. The report offers expert guidance, analysis, and education across the entire cybersecurity ecosystem.

In the face of rigorous new demands, RedSeal gives security and management teams the most holistic understanding of their organization’s cyber risks – across physical, cloud and virtual networks – including remote endpoints.

“I’m very thankful to the RedSeal team for supporting our work this year,” said Amoroso. “Their work in hybrid environment security brings great value to the industry.”

The 2021 Security Annual is available for free download here.

Julie Parrish of RedSeal: “There is an awful lot that will happen outside of your control; how you react is crucial”

Authority Magazine | September 10, 2020

As a part of our series about strong women leaders, I had the pleasure of interviewing Julie Parrish.

Why I Chose RedSeal

I’ve been in cybersecurity for 19 years and love the field.  It’s technically a very challenging problem to solve and the stakes are extremely high. Those of us in this field are defending the foundation of the information age.  We are protecting the money in people’s bank accounts, their personal privacy and dignity, and even the elections at the heart of democracy. That makes for a strong sense of purpose.

When I looked around for a new opportunity, I knew I wanted to make a real difference. Rather than run an existing large operation, I wanted to help something new and important grow. I have a passion for it. McAfee went from $500M to $2B in sales while I was head of product. At Sophos, my BU grew 25% per year while I was there. I think RedSeal is in the perfect position to grow. We are in a nascent market that should be much larger.

The important things are in place for growth. RedSeal has an outstanding customer value proposition. It addresses a huge hole in cybersecurity and network understanding.  It has a unique and powerful technology. When I got my first demo of the product, I was frankly blown away by how powerful it is. It is something everyone should have. No network administrator of a large network really knows what’s on his network and how it’s configured.

RedSeal has a great team and a great culture. Innovation is really a function of having a collection of smart motivated people and getting them to build on each other’s ideas. To do that you need a culture in which people enjoy working with each other, where they hold each other to a high standard, and where they feel comfortable sharing their ideas. That is what we have here at RedSeal, and that environment isn’t as common as you would think in the high-tech industry.

What’s more, cybersecurity in general is always rife with opportunity. All high-tech markets are highly dynamic because innovation is forever changing the landscape and creating opportunities. Cybersecurity is doubly so because it has a variable other markets don’t – bad guys. Cyber criminals are also innovating, and what they do drives us to respond in kind. So, the cybersecurity space moves even faster than the rest of high-tech. That is why there are always so many startups in cybersecurity.

In our space specifically, there is a huge opportunity for innovation. Networks are going through two simultaneous technical revolutions with the advent of software defined networking technology and the movement of data centers to the cloud. These trends make networks even more complex than they have been historically.  A typical corporate network now spans on premise infrastructure and a presence in one or more public clouds. And the world is still figuring out how to secure that kind of hybrid environment.

In 1999, Bruce Schneier famously wrote “complexity is the worst enemy of security.” At that time, his plea was to create a simpler cyber world that could be secured. Unfortunately, that turned out to be impossible. The relentless demand for features and functionality drives ever increasing complexity. At RedSeal we use technology to understand the complexity of technology. We simplify an almost incomprehensible world so it can be understood and secured – a very gratifying and exciting mission.

High Severity Security Flaw with Cisco ASA: Find It and Prioritize Patching Quickly

RedSeal Cyber Threat Series

Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) have a known vulnerability – CVE-2020-3452. This security vulnerability can allow an unauthenticated attacker to remotely conduct a directory traversal attack as well as read sensitive files on a targeted system.

By exploiting this vulnerability, the attacker can view files within the target device’s web services file system. The web services files that the attacker can view may have information such as WebVPN configuration, bookmarks, web cookies, partial web content, and HTTP URLs. There are no workarounds that address this vulnerability.

Enterprises should patch their Cisco ASA Software and Firepower Software as soon as possible.  The web services file system is at risk when the WebVPN or AnyConnect functionality is enabled.  Note: The Cisco ASA or FTD system files or underlying Operating System files are not readable.

RedSeal customers should:

  1. Run a custom best practice check to receive a list of vulnerable devices.
  2. Create and run daily reports until all affected systems are patched.
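The exposure condition stated above (WebVPN or AnyConnect enabled) can also be checked directly against exported device configurations. The following is an added example, not RedSeal's best practice check or Cisco code; it assumes ASA running-configs exported as text, and the device names and sample configs are constructed.

```python
import re

# Constructed sample running-configs (not taken from any real device).
SAMPLE_CONFIGS = {
    "asa-edge-01": """\
hostname asa-edge-01
webvpn
 enable outside
 anyconnect enable
""",
    "asa-core-02": """\
hostname asa-core-02
enable password constructed-placeholder encrypted
webvpn
 anyconnect image disk0:/anyconnect.pkg 1
""",
    "asa-ike-03": """\
hostname asa-ike-03
crypto ikev2 enable outside client-services port 443
""",
}

def web_services_interfaces(config):
    """Return the interface names on which the web services listener is enabled."""
    interfaces = set()
    in_webvpn = False
    for line in config.splitlines():
        if not line.strip() or line.lstrip().startswith("!"):
            continue  # skip blanks and "!" separator lines
        if not line[0].isspace():
            # Any new top-level command ends the previous sub-mode, so a global
            # "enable password ..." line is never mistaken for "enable <interface>".
            in_webvpn = line.strip() == "webvpn"
            m = re.match(r"crypto ikev2 enable (\S+) client-services\b", line)
            if m:
                interfaces.add(m.group(1))
        elif in_webvpn:
            m = re.match(r"\s+enable (\S+)", line)
            if m:
                interfaces.add(m.group(1))
    return interfaces

def exposed_devices(configs):
    """Map each device with an enabled listener to its sorted interface list."""
    found = {name: web_services_interfaces(text) for name, text in configs.items()}
    return {name: sorted(ifs) for name, ifs in found.items() if ifs}

if __name__ == "__main__":
    for device, ifaces in exposed_devices(SAMPLE_CONFIGS).items():
        print(f"{device}: web services enabled on {', '.join(ifaces)}; prioritize patching")
```

This reports the exposure condition only. Whether a listed device still runs an affected software release has to be confirmed against Cisco's advisory for CVE-2020-3452.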

For additional details, contact your RedSeal sales representatives or email info@redseal.net

 

RedSeal Joins Forces with Kite Distribution to Offer Unique Network Analytics, Modelling and Security Initiatives to MSPs

Exclusive partnership offers new opportunities for organisations to make cybersecurity a strategic part of their business growth

 

London, UK — RedSeal, the award winning cyber terrain analytics platform, has today announced a partnership with Kite Distribution, a value-added distributor that specialises in bringing innovative and disruptive technologies to the UK channel. The joint alliance will offer MSPs and security resellers a new and innovative way to identify and address cyber threats and combat the latest and most prevalent security challenges to business.

RedSeal’s platform shows organisations what is on their networks, how everything is connected, and the associated risk – across physical and cloud-based network environments. RedSeal verifies that network devices are securely configured; validates network segmentation policies; and continuously monitors compliance with policies and regulations. It also prioritises mitigation based on each vulnerability’s associated risk.

Kite’s established sales team specialises in working with MSPs, offering the technology and advice they need to achieve successful outcomes.  This includes understanding an MSP’s technology stack and advising where RedSeal’s products can offer additional value, increased security, and resource optimisation.  In particular, the team understand the importance of flexible billing models and multi-tier, multi-tenant architectures and work to advise their customers on how their portfolios can help build new revenue streams.

Leading the partnership at RedSeal is Richard Adams, Head of EMEA. He commented: “We are excited to work with Kite Distribution and look forward to establishing a mutually beneficial partnership over the next few years.”

He continued: “Their approach very much aligns with RedSeal’s focus in the UK and complements where we already have established, existing partner and vendor relationships. Kite’s strong presence amongst MSPs and security resellers, combined with their dynamic workforce, is particularly valuable to us and supports our business growth roadmap.”

Kip Tumber at Kite Distribution added: “Many of our customers are looking for ways to improve security, whilst lowering expenditure, simplifying complexity and reducing the time to investigate vulnerabilities. If you don’t have a complete view of your own network, how do you even begin to secure it? RedSeal’s technology provides the answer that many organisations strive to achieve with multiple analytics tools and expensive human resources.  We have already seen tremendous interest in this new offering and look forward to building a successful partnership.”

 

About Kite Distribution

Kite Distribution is a UK-focused, value-added distributor that specialises in bringing innovative and disruptive technologies to the UK channel. Their management team have over 60 years of accumulated channel experience, including launching and building markets for some of the most readily recognisable security & networking brands around today. Our aim at Kite Distribution is to provide each of our vendor and reseller partners with a market-leading distribution engine for building incremental revenue. We are also ardent believers in maintaining quality at all times. We endeavour to set a very high level of partner satisfaction from the point the enquiry is picked up, through our understanding of the vendor’s proposition, quote accuracy and turnaround, all the way to delivery and post-sale professional services.

Deepfakes and deep fraud: The new security challenge of misinformation and impersonation

IDG Connect | September 1, 2020

Deepfakes, until recently, have just been an amusing part of the internet. Videos emerged of various celebrities in the wrong movie or interview, some were quite poorly made but others were almost like the real thing. They were entertaining and funny; not really given much thought and left to a corner of the internet. However, it was not long before politicians were the next target, videos emerging of significant figures like Barack Obama, Nancy Pelosi and Donald Trump.

It was at this point that some serious concerns started to develop over the security implications of this technology.