Tales from the Trenches: Network Backdoors — Lions, and Tigers, and Bears…

/by

Today’s tale from the trench is brought to you by Brad Schwab, Senior Security Solutions Consultant.

One of the greatest concerns for professionals in Network and Security Operations is the potential existence of a backdoor in their network—let alone the presence of numerous backdoors! Identifying backdoors can be a daunting challenge, as they might exist beyond the confines of the configured routing table or take a longer path than the optimized routing path typically followed by traffic. Consequently, conventional traffic mapping tools seldom uncover the presence of a backdoor.

RedSeal is unique in its ability to identify and display all paths through a network, regardless of routing protocols and network address translation (NAT)—therefore exposing all potential backdoors.

While working with a power generation company that managed many extremely remote renewable energy sites, I performed RedSeal data collections on network device configurations across the organization, including company headquarters. From there, I began to perform RedSeal data collections on the power generation farms networks. With this data, I was able to model their network and gain visibility into all the access across their network fabric.

Once all data was collected, we initiated an examination of access vectors into the local generating networks. While engaged in this process, one individual began discussing how the heightened global threat levels had prompted the implementation of a company policy mandating a firewall at each site. This measure aims to safeguard Operational Technology (OT) devices and SCADA Systems. SCADA (Supervisory Control and Data Acquisition) is a software application used for controlling industrial processes by gathering real-time data from remote locations to control equipment and conditions.

As we began verifying that access controls were in place, we concluded there were indeed firewalls present with Access Control Lists (ACLs) blocking and filter inbound traffic. However, because RedSeal shows ALL access vectors, we also noticed that each generation site had two available paths to the internal network—one controlled and limited by the firewall and another that was wide open through the on-site router — a backdoor!

Through RedSeal’s security methodology of “Discover, Investigate, Act” we were able to uncover the backdoors and found that though we started with a small sample of sites, we now knew what to look for and each one had backdoors into the power generation network.

During our investigation we discovered that the secondary wide open access had been set in the case of a site lockout on the firewall. I have seen networks set up like this in the past, although not quite at this scale. It is not terribly uncommon in remote locations to set up a backdoor enabling remote access – however, we learned that with this set up even a firmware upgrade would cause problems. I explained how RedSeal could help verify changes before deployment and then verify implementation with ongoing monitoring for the entire generating network to ensure all sites were always in compliance and no backdoors were in place.  I like to think of it as an always on, always up-to-date audit.  Thus, avoiding any “negative compliance drift” between yearly scheduled audits.

In summary, RedSeal was able to show all the paths through the network—not just the ones that traffic is currently traveling on.  For each path of interest, in this case the backdoors, RedSeal shows every device along the path (hops), and all the ports and protocols that are available for traffic to transit.  Finally, such access can be monitored on an ongoing basis to ensure it does not stray from company policy.

At RedSeal, we’re committed to helping you fortify your digital infrastructure, for good. We proactively help visualize your network, identify attack paths, prioritize risk, and help you stay in compliance to ensure your business and customers stay secure.

Reach out to RedSeal or schedule a demo today.

Understanding the UnitedHealthcare Data Breach: The Importance of Good Segmentation

/by

After receiving a call from KCBS to comment on the UnitedHealthcare data breach, I was reminded of the critical importance of cybersecurity measures and proactive solutions like RedSeal in safeguarding sensitive information.

The Impact on Patients and Healthcare Organizations

The repercussions of the UnitedHealthcare data breach extend beyond the confines of the company itself. Patients whose personal and medical information may have been compromised face the unsettling reality of potential identity theft, fraud, privacy breaches, and in this case, health implications with a nationwide outage of some of the largest prescription processors. Moreover, healthcare organizations are left vulnerable to reputational damage, legal liabilities, and regulatory penalties.

The swift response by Change Healthcare to halt the spread of the incident is commendable. By implementing effective containment measures and building segmentation into network design, they demonstrated the importance of proactive cybersecurity strategies especially in mitigating the impact of such breaches.

Segmentation: Building Stronger Defenses

In the face of evolving cyber threats, healthcare organizations must prioritize robust cybersecurity measures to protect sensitive data and maintain the trust of their patients. A critical step, which Change Healthcare executed effectively, is incorporating segmentation into network design. This strategic approach enabled them to isolate and contain potential threats, shutting down access swiftly.

By dividing networks into distinct segments and implementing access controls based on user roles and permissions, organizations can contain breaches and limit the lateral movement of attackers within their infrastructure.

The Importance of Transparency and Disclosure

Another noteworthy aspect of the UnitedHealthcare data breach is the transparency and prompt disclosure of pertinent details surrounding the incident. Unlike in years past, where data breaches were often shrouded in secrecy and only disclosed months or even years later, the current landscape emphasizes the importance of timely and transparent communication.

Moving Forward: Strengthening Cyber Defenses

As the healthcare industry continues to confront evolving cyber threats, proactive measures and collaborative efforts are essential to fortify defenses and safeguard sensitive information.

By embracing cybersecurity solutions and prioritizing segmentation and transparency, healthcare organizations can mitigate risks, protect patient data, and uphold the integrity of their operations. As the adage goes, “good fences make good neighbors,” and investing in robust cybersecurity defenses is paramount to safeguarding the future of healthcare.

RedSeal can play a pivotal role in enhancing security.

RedSeal acts as a vital tool in mapping out defensive boundaries within the network. It provides organizations with a comprehensive overview of their network architecture, allowing them to understand how different segments interact and where potential vulnerabilities lie. With RedSeal, organizations can accurately assess their defensive posture and make informed decisions to block moving threats before they spread.

In times of uncertainty, one thing remains clear: proactive cybersecurity measures and innovative solutions like RedSeal are indispensable allies in the ongoing battle against cyber threats. Let us heed the lessons learned from this incident and collectively work towards a safer and more secure future for all.

Contact us for a demo www.redseal.net

Tales from the Trenches: When Low-Risk is Actually High-Concern

/by

Since 2004, RedSeal has been instrumental in empowering our clients to comprehensively visualize and fortify their intricate networks. While our customers initially grasped the importance of understanding their network architecture, connections, and identifying potential risks, there’s often an enlightening “aha” moment when the true significance becomes unmistakable. These narratives, cherished within the confines of RedSeal, vividly exemplify the practical value of our platform beyond mere theory. In the words of our dedicated field team, who collaborates directly with our clients, this blog series aims to unveil the instances where the theoretical transforms into tangible reality. 

Today’s post is brought to you by Chris Morgan, Client Engagement Director 

 

In the realm of cybersecurity, where threats and vulnerabilities lurk aplenty, RedSeal stands as a beacon of innovation. Pioneers in network security analytics, RedSeal delivers actionable insights, enabling customers to close defensive gaps across their entire network. 

While reviewing a large medical provider’s network, we discovered several high- and medium-severity vulnerabilities within the network. However, it was the low-risk vulnerability we found to be of highest concern.  

Delving deeper into our investigation, we unearthed a situation of seismic proportions. Amidst the chaos of the COVID-19 era, the client’s IT team had inadvertently granted unrestricted access to a seemingly mundane printer. However, unbeknownst to them, and visible now only because of RedSeal, this printer served as direct access to more than 14,000 hosts within the client’s expansive network, opening access that could enable bad actors to directly invade much of the network. RedSeal’s comprehensive approach, merging risk and access, empowers genuine prioritization for clients. 

With a fresh eye toward restricting access, we worked with the medical provider to remediate the exposure immediately, tightening access controls for printers and implementing access logs, securing them for the future.  

At RedSeal, we’re committed to helping you fortify your digital infrastructure, for good. We proactively help visualize your network, identify attack paths, prioritize risk, and help you stay in compliance to ensure your business and customers stay secure. 

Reach out to RedSeal or schedule a demo today.

 

Tales from the Trenches: My network hasn’t changed!

/by

Since 2004, RedSeal has been instrumental in empowering our clients to comprehensively visualize and fortify their intricate networks. While our customers initially grasped the importance of understanding their network architecture, connections, and identifying potential risks, there’s often an enlightening “aha” moment when the true significance becomes unmistakable. These narratives, cherished within the confines of RedSeal, vividly exemplify the practical value of our platform beyond mere theory. In the words of our dedicated field team, who collaborates directly with our clients, this blog series aims to unveil the instances where the theoretical transforms into tangible reality.

Today’s post is brought to you by John Bays, Senior Security Solutions Consultant, Federal

MY NETWORK HASN’T CHANGED

Imagine navigating the landscape of a government entity, where a dedicated administrator went about their daily routine, firmly believing that a single login to the server was all it took to keep things ticking. Little did they know, a significant issue had quietly brewed beneath the surface – the network had remained unchanged for a considerable six-month stretch.

Approaching the situation with curiosity, I gently posed some questions.

  • How might they have overlooked the network’s lack of growth?
  • What led them to believe that everything was running smoothly without addressing potential issues?

This unfolding scenario morphed into a journey of understanding, aiming to uncover misconceptions and illuminate the broader responsibilities at hand.

Misunderstanding a role’s responsibility happens. At RedSeal, we know this and help ensure misunderstandings are laid to rest. Taking a supportive approach, I guided them through various aspects of the platform, emphasizing the value of active involvement. As the pieces fell into place, a realization dawned on this client – our exploration revealed numerous devices being added and removed from the network. This revelation painted a richer picture, demonstrating that their role was more intricate than they had initially perceived.

This experience turned out to be a valuable lesson for all involved, highlighting the importance of staying engaged and adapting to the ever-changing dynamics of the network environment. It wasn’t about fault-finding; rather, it underscored the need for continuous learning and awareness in the evolving tech landscape. After all, even the most dedicated administrators can benefit from a broader perspective on their responsibilities.

At RedSeal, we’re committed to helping you fortify your digital infrastructure, for good. We proactively help visualize your network, identify attack paths, prioritize risk, and help you stay in compliance to ensure your business and customers stay secure.

Reach out to RedSeal or schedule a demo today.

Keeping an Eye on IPv6 in Your Hybrid Network

/by

IPv6 has its advantages

With the proliferation of connected devices, organizations everywhere are making the transition to Internet Protocol version 6 (IPv6). Beyond having astronomically more usable addresses than its IPv4 predecessor (2128 vs. 232), IPv6 has several other advantages, including:

  • Easier administration: IPv6 simplifies address configuration through Stateless Address Autoconfiguration (SLAAC) and DHCPv6 (Dynamic Host Configuration Protocol for IPv6). This reduces the likelihood of misconfigurations and makes it easier for organizations to manage their networks securely.
  • Improved routing efficiency: IPv6 eliminates the need for Network Address Translation (NAT), a practice used in IPv4 to conserve address space. NAT can introduce complexities and potential security vulnerabilities. With IPv6, devices can have globally routable addresses without the need for NAT.
  • Enhanced security: IPv6 incorporates security features that were not present in IPv4. For example, IPsec (Internet Protocol Security) is mandatory in IPv6, providing a framework for securing communication at the IP layer. IPsec can be used to encrypt and authenticate data, ensuring the confidentiality and integrity of network communications.

Overall, IPv6 tackles the many limitations and challenges of IPv4 while providing a scalable, efficient, and secure foundation for the future growth of the internet and the proliferation of internet-connected devices.

But the transition can be tricky

While the goal is to eliminate the use of IPv4 entirely, many corporations and governments are expected to maintain dual-stack networks—using both IPv4 and IPv6—for the foreseeable future. The U.S. Office of Management and Budget (OMB) has mandated that 80% of IP-enabled assets on federal networks must be operating in IPv6-only environments by the end of its 2025 fiscal year. Meanwhile, IPv6 has been growing unchecked in corporate networks for years, right alongside IPv4.

For too long, organizations have been able to put off the IPv6 transition as a challenge for tomorrow, but the pressure is now on. Cloud adoption is driving up IPv6 use, and unexpected IPv6 pathways are rife with risk. In the worst cases, firewall bypasses can spring up due to unintentional differences between old IPv4 and new IPv6 fabric. Ultimately, IPv6 adoption means bigger networks and more connections—and risks—to manage. Who’s keeping an eye on IPv6 in your network?

IPv6 intelligence for your evolving network

Wherever your organization may be on its journey to an IPv6-only network, you need the ability to answer fundamental questions about IPv6 in your network, and RedSeal can help:

  • What percentage of my total network assets are in IPv6-only environments?
  • Is this subnet truly IPv6-only?
  • What does this IPv6-only subnet look like?
  • Which specific devices need to be upgraded to IPv6?
  • How are IPv6 subnets connected to other parts of my network?
  • Has the introduction of IPv6 created security gaps in my network?

RedSeal delivers the visibility and network context you need to understand where and how IPv6 is being used in your network and what impact it has on your security and compliance initiatives.

Contact us for more details

For more information about how RedSeal can help you minimize risk and maximize resilience in your IPv6 and dual-stack networks, download our IPv6 datasheet and then schedule a demo with one of our cyber-savvy product experts today.

 

Additional IPv6 resources:

Strengthening the Fortress: Best Practices for Incident Response

/by

As the digital age continues to see rapid change, cyber threat looms over businesses, organizations, and individuals even more than before. And, as technology advances, so do the capabilities of cybercriminals. With today’s digital environment, more than ever before, crafting a robust cybersecurity incident response plan isn’t a recommendation—it’s a critical necessity.

What does this mean? It’s a matter of when—not if—a network is compromised. Companies can no longer assume that security frameworks offer invincibility from evolving cyberattack trends. Instead, businesses need a strong incident response program designed to help them quickly react—and in the worst-case scenario come out stronger on the other side.

Designing a sophisticated incident response framework

A cybersecurity incident response plan establishes a structured framework for teams to adhere to when facing a cyber incident or attack. As defined by Gartner, a cyber incident response plan is “formulated by an enterprise to respond to potentially catastrophic, computer-related incidents, such as viruses or hacker attacks.” Gartner research extends to projections for 2026, suggesting that organizations invest at least 20% of security funds in resilience and flexible programs to halve their recovery time.

In crafting a cybersecurity incident response plan tailored to the specific needs of your organization, key considerations and common components include:

1. Defining objectives and scope. Objectives could include, but aren’t limited to:

  • Impact minimization
  • Business continuity
  • Protecting sensitive information
  • Regulatory compliance
  • Identifying and understanding threats
  • Outline for timely recovery
  • Response efforts
  • Future improvements for cybersecurity posture
  • Post-incident analysis

2. Establishing an Incident Response Team (IRT). Assemble a dedicated team responsible for executing the response plan. The team should be comprised of members of the organization from IT, security, legal, communications, and any other relevant business teams. Roles and responsibilities should be clearly identified to ensure a coordinated and timely response.

3. Developing an incident classification system with procedures. A system for classifying incidents based on severity and impact can help guide the response process and help the IRT prioritize actions. We recommend creating a detailed response playbook with step-by-step guidance for various incidences can help a team contain and recover from the incident effectively and efficiently. Playbook should include communication procedures to ensure employees and appropriate external stakeholders are notified.

4. Implementing incident detection and reporting. Employing an effective detection and reporting system is critical for early identification and response to a cybersecurity incident. Examples include, but are not limited to:

  • Endpoint protection
  • Firewall and network monitoring
  • Email security systems
  • Security and awareness training for employees

5. Conducting regular training and simulation. Training for the incident response team should be set up regularly through simulations and exercises. Each month, RedSeal hosts a Cyber Threat Hunting Workshop. Through our workshop, you will use the RedSeal platform and threat hunt within a pre-built virtual network model. You’ll assess the network’s overall cybersecurity posture while refining your skills in risk and vulnerability assessment, cyber hunting, and incident response. At the completion of the session, you will have learned how to:

  • Identify potential attack vectors that bad actors could use to exploit existing vulnerabilities
  • Optimize resources by leveraging risk-based vulnerability prioritization
  • Easily identify devices on the network that pose the most risk to your enterprise—those with network access and exploitable vulnerabilities
  • Quickly visualize where bad actors can pivot following system compromise and traverse a network
  • Coordinate with other teams to minimize the impact of an event while enhancing your organization’s digital resilience
  • Use network context to develop mitigation strategies and implement your run-book plays

Preventing unauthorized access into, out of, or within a network requires understanding how that network is built– a difficult, tedious, and time-consuming task.

6. Post-incident analysis. Outline and conduct a comprehensive post-incident analysis to understand the root causes of the breach and to identify areas in need of improvement. Lessons should be documented, and the incident response plan should be updated accordingly.

Designing a robust incident response plan is just the tip of the iceberg.

The most important aspect of incident response could be what comes next—evaluation and improvement. Cybersecurity resilience requires constant monitoring and evolution. Regular updates and adaptions to the plan are imperative to effectively address the ever-evolving landscape of cyber threats. The journey to securing your network for good is an ongoing process, demanding an unwavering commitment to visibility, refinement, and optimization. At RedSeal, we’re committed to helping you fortify your digital infrastructure, for good. We proactively help visualize your network, identify attack paths, prioritize risk, and help you stay in compliance to ensure your business and customers stay secure.

 

Interested in learning more?

Download our in-depth look into incident response planning today!

Reach out to RedSeal or schedule a demo today.

Cyber Trends to Watch for in 2024: Navigating the Evolving Landscape

/by

As technology continues to advance at a rapid pace, the cyber landscape is undergoing unprecedented transformations. As we step into 2024, it’s crucial to stay ahead of the curve and be aware of emerging cyber trends.

Keep an eye on these notable trends unfolding in the cybersecurity landscape:

1. AI-Powered Cyber Attacks

Artificial Intelligence (AI) is no longer just a tool for cybersecurity; it’s also becoming a weapon in the hands of cybercriminals. In 2024, we can expect a surge in AI-powered cyber attacks. Attackers are leveraging machine learning algorithms to automate and enhance their attack strategies, making it more challenging for traditional security measures to detect and prevent these threats. Automating attack path analysis and malware analysis with AI are a couple of ways to combat attackers using AI.

According to Springfield FBI, Cybercrime costs businesses more than $10 billion in the U.S. last year, a figure that could reach $10.5 trillion, globally by 2025, according to Cybersecurity Ventures. They also estimate ransomware alone will cost its victims around $265 billion annually by 2031—an astonishing 815 times more than the $325 million that organizations spent on ransomware in 2015.

The average cost of a data breach reached an all-time high of $4.45 million in 2023, according to IBM—a 15.3% increase over the cost in 2020. Knowing what assets you need to protect and important steps you can take to identify and mitigate them is crucial.

2. Quantum Computing Threats

While quantum computing promises revolutionary advancements, it also poses a significant threat to current encryption standards. In 2024, as quantum computing technologies mature, the risk of cryptographic vulnerabilities increases. The primary goal of a cryptographic system is to ensure the confidentiality, integrity, and authenticity of data. Cryptographic techniques are widely used in various applications, including secure communication over the internet, data storage, authentication, and digital signatures. Cryptographic systems play a crucial role in ensuring the security of digital communication and information in various domains, including online banking, e-commerce, secure messaging, and data protection.

The White House and the Homeland Security Department have made clear that in the wrong hands, a powerful quantum computer could disrupt everything from secure communications to the underpinnings of our financial system.

Organizations must start preparing for quantum-resistant encryption methods to safeguard their sensitive information.

3. Ransomware 2.0: Double Extortion

Persistent and evolving, ransomware attacks continue to pose a significant threat. In 2024, we anticipate the rise of “Ransomware 2.0,” which involves double extortion tactics. In addition to encrypting data, attackers are increasingly stealing sensitive information before locking it down. This dual-threat approach puts added pressure on victims to pay the ransom, as the exposure of sensitive data adds a new dimension to the consequences of non-compliance. Prioritizing vulnerabilities and automating compliance checks can improve the efficiency of your security team.

4. IoT Security Challenges

The Internet of Things (IoT) is expanding rapidly, connecting more devices than ever before. Research expert for the consumer electronics industry, Lionel Sujay Vailshery of Statista, estimates that more than 15 billion devices are on the Internet of Things, outnumbering non-IoT devices with 2 of 3 on IoT. However, this increased connectivity comes with heightened security risks. In 2024, we anticipate a surge in IoT-related cyber attacks as attackers exploit vulnerabilities in poorly secured devices. Strengthening IoT security protocols, such as through device authentication and authorization, securing communication channels, keeping firmware and software up to date, and security testing and vulnerability management, will be crucial to prevent widespread breaches. Knowing what is attached and who can get to it will help protect you in the future.

5. Supply Chain Attacks

Supply chain attacks are not new, but they are becoming increasingly more sophisticated, with cybercriminals targeting the networks of suppliers and service providers to compromise the security of the ultimate target.

In a supply chain attack, an attacker might target a cybersecurity vendor and add malware to their software, which is then sent out in a system update to that vendor’s clients. When the clients download the update, believing it to be from a trusted source, the malware grants attackers access to those clients’ systems and information. This is essentially how the SolarWinds attack unfolded in 2020, targeting 18,000 customers.

As organizations continue to rely on a complex web of third-party vendors, securing the entire supply chain becomes paramount in 2024.

6. Regulatory Developments

Governments and regulatory bodies are increasingly recognizing the importance of cybersecurity. We’ve already seen change in New York’s requirements for reporting breaches by company size and in 2024, we anticipate the introduction of more stringent regulations and compliance requirements. Organizations will need to stay abreast of these changes to ensure they meet the evolving standards and avoid legal and financial repercussions.

The cyber landscape is poised for continued evolution. By adopting proactive cybersecurity measures and embracing innovative solutions, we can collectively navigate the challenges and threats that lie ahead.

At RedSeal, we’re committed to fortifying your digital infrastructure. We proactively help visualize your network, identify attack paths, prioritize risk, and help you stay in compliance to ensure your business and customers stay secure.

Reach out to RedSeal or schedule a demo today.

RedSeal Named “Zero Trust Network Access Solution of the Year” in 2024 CyberSecurity Breakthrough Awards Program

/by

Prestigious Annual Awards Program Recognizes Outstanding Information Security Products and Companies Around the World

LOS ANGELES, Oct. 10, 2024 (GLOBE NEWSWIRE) — CyberSecurity Breakthrough, a leading independent market intelligence organization that recognizes the top companies, technologies and products in the global information security market, today announced that RedSeal, a pioneer in network exposure management, has been selected as winner of the “Zero Trust Network Access Solution of the Year” award in the 8th annual CyberSecurity Breakthrough Awards program.

RedSeal’s breakthrough network exposure management platform identifies assets in a hybrid network that are vulnerable to risks and delivers contextual information to mitigate those risks. RedSeal identifies how adversaries can access a network and also uniquely shows lateral movement and risks within that network.

RedSeal addresses network complexity due to the advent of distributed, hybrid, and cloud environments by enabling network micro-segmentation to limit the blast radius of attacks, and fencing in threat actors to prevent them from reaching high-value data and assets. RedSeal manages segmentation at the application layer in hybrid environments, ensuring continuous compliance with configuration settings as required by federal guidelines.

RedSeal also consolidates all necessary information into a single platform, providing a holistic view of attack surfaces and a common language across platforms – enabling teams to quickly identify exposed apps and investigate misconfigurations all while bridging skills gaps.

RedSeal’s continuous monitoring ensures zero trust segmentation policies remain effective, alerting organizations to any policy slips and enabling immediate corrective action without consulting siloed teams. Aligned with the guidelines from NIST and the OMB, RedSeal enables a solid foundation for all organizations.

“Through our years of partnerships with federal agencies and F100 companies, we have worked diligently to enhance cybersecurity and have played a role in evolving Zero Trust guidelines and requirements. A zero trust approach demands continuous identification of who and what can access sensitive IT assets. We excel in creating a dynamic network model to support this need,” said Greg Enriquez, CEO of RedSeal. “This award from CyberSecurity Breakthrough reinforces our commitment to delivering best-in-class cybersecurity solutions. We’ll continue to deliver these types of solutions to ensure our clients stay ahead of cyber adversaries and thwart potential attacks.”

The mission of the CyberSecurity Breakthrough Awards is to honor excellence and recognize the innovation, hard work and success in a range of information security categories, including Cloud Security, Threat Intelligence, Risk Management, Fraud Prevention, Mobile Security, Application Security, Identity Management and many more. This year’s program attracted thousands of nominations from over 20 different countries throughout the world.

“RedSeal is unique in its ability to provide a single source of truth amid increasing hybrid network complexity, persistent skills challenges, and evolving threats. As bad actors use sophisticated methods, zero trust focuses on securing data. Today’s cyber threats are relentless, making it imperative for enterprises to have a comprehensive understanding of all attack paths,” said Steve Johansson, managing director, CyberSecurity Breakthrough. “RedSeal helps organizations confidently implement a zero trust framework by delivering comprehensive visibility, control, and continuous compliance across hybrid environments. It’s our pleasure to award RedSeal with ‘Zero Trust Network Access Solution of the Year.’”

About CyberSecurity Breakthrough
Part of Tech Breakthrough, a leading market intelligence and recognition platform for global technology innovation and leadership, the CyberSecurity Breakthrough Awards program is devoted to honoring excellence in information security and cybersecurity technology companies, products and people. The CyberSecurity Breakthrough Awards provide a platform for public recognition around the achievements of breakthrough information security companies and products in categories including Cloud Security, Threat Detection, Risk Management, Fraud Prevention, Mobile Security, Web and Email Security, UTM, Firewall and more. For more information visit CyberSecurityBreakthrough.com.

Tech Breakthrough LLC does not endorse any vendor, product or service depicted in our recognition programs, and does not advise technology users to select only those vendors with award designations. Tech Breakthrough LLC recognition consists of the opinions of the Tech Breakthrough LLC organization and should not be construed as statements of fact. Tech Breakthrough LLC disclaims all warranties, expressed or implied, with respect to this recognition program, including any warranties of merchantability or fitness for a particular purpose.

About RedSeal
RedSeal, a pioneer in cybersecurity and network exposure management, delivers proactive, actionable insights to close defensive gaps across hybrid environments. RedSeal continually discovers all resources, connections, and exposures, creating a single, comprehensive model—a network digital twin. This enables unparalleled analysis and simplified protection of the entire cyber terrain. Trusted by hundreds of Fortune 1000 companies and more than 75 government agencies, including five branches of the U.S. military, RedSeal improves operational efficiency, boosts staff productivity, and reduces business risk. Visit www.redseal.net to learn more.