Threat Intelligence

4/10/2018
10:53 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SafeBreach Expands Visa Partnership for Threat Intelligence Integration in Breach and Attack Simulation

Extension of Market First Capability Empowers Payment Industry Unparalleled Speed and Agility in Attack Prevention; Partnership on Display at RSA Conference 2018

SUNNYVALE, CA – April 10, 2018 – SafeBreach, the leader in Breach and Attack Simulation, today announced an expansion in its partnership with Visa Threat Intelligence to provide an accelerated ability to integrate and “weaponize” the most current and comprehensive threat intelligence specific to the global payments ecosystem. SafeBreach is the first Breach and Attack Simulation provider to integrate Visa threat intelligence feeds via the Visa Developer Center API.

Processing more than a hundred billion payment transactions a year, Visa delivers exclusive indicators of compromise (IoCs) that can provide an unmatched level of visibility and understanding of threats and fraud specific to the payments ecosystem. Through this partnership, Visa IoCs add to the largest and most thorough simulation knowledge base in the industry in the SafeBreach Hacker’s Playbook™. They augment an already powerful tool for payment industry customers that allows them to validate security defenses against new simulations of real-world, critical attacks in less than 24 hours.

“Historically, the payments industry has been the sector under the most widespread and aggressive attacks from all manner of cyber actor,” said Guy Bejerano, CEO and co-founder of SafeBreach. “As such, it is a sector that requires the utmost vigilance, agility and preparedness to not only withstand assault, but to repel it. With an ability to almost immediately simulate attacks just emerging in the marketplace using exclusive IoCs, and validate defenses specific to each customer’s environment, means a customer can quantify the impact of an attack before it happens.”

“Trust and security are the cornerstones of the payment system, and we want to work with all stakeholders to make their businesses stronger and safer,” said Mark Nelsen, senior vice president, Risk and Authentication Products, Visa. “Through our work with SafeBreach, we’re empowering customers to identify and stop attacks by providing relevant, actionable threat intelligence.”

The SafeBreach ability to weaponize threat intelligence by transforming IoCs into hacker breach methods enables security teams to truly understand the activities that represent specific priority threats, and allows security analysts to dramatically improve their ability to anticipate future attacks, challenge their security defenses and train their security operations center (SOC) teams. The Hacker’s Playbook™ also incorporates the most comprehensive set of intelligence feeds for global visibility. In addition to Visa, SafeBreach integration partnerships include FireEye’s iSIGHT Intelligence, MITRE ATT&CK Framework and US-CERT Alerts.

The SafeBreach centralized management system incorporates the complete Hackers' Playbook of breach methodologies, and manages a distributed network of breach simulators from a centralized location. SafeBreach simulators perform the role of the attacker, simulating traffic within the cyber kill chain.

Visit SafeBreach at RSA Conference 2018:

Companies interested in seeing the SafeBreach platform in action can sign up for a demo or schedule a meeting with SafeBreach at the RSA 2018 Conference. SafeBreach product experts, security researchers and executives are available to discuss attack trends, techniques and tactics and the insights from the SafeBreach Hacker’s Playbook Findings Report. Additionally, on Tuesday, April 17, 2018, SafeBreach and Visa will host a Ping Pong and Cocktails event at SPIN, 690 Folsom St #100, San Francisco, CA 94107.  Register for an invitation here.

Companies interested in hearing more about security solutions to protect payment data can also attend a joint Visa and SafeBreach Breakfast Roundtable event on May 17, 2018 at the Visa Boardroom in San Francisco, CA.

About SafeBreach:

 

SafeBreach is a pioneer in the emerging category of Breach and Attack Simulations. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes thousands of breach methods from an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.

 

About Visa Inc.

 

Visa Inc. (NYSE: V) is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks – VisaNet – that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa Threat Intelligence is available to subscribers via the Visa Developer Center and is tailored to the needs of the payments industry. Visa Threat Intelligence delivers actionable indicators of compromise with critical context and key attributes to merchants, issuers & technology partners so they can quickly assess and act on the most critical cyber-attacks. For more information visit www.visathreatintelligence.com.

 

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
'Hidden Tunnels' Help Hackers Launch Financial Services Attacks
Kelly Sheridan, Staff Editor, Dark Reading,  6/20/2018
Inside a SamSam Ransomware Attack
Ajit Sancheti, CEO and Co-Founder, Preempt,  6/20/2018
Tesla Employee Steals, Sabotages Company Data
Jai Vijayan, Freelance writer,  6/19/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-12697
PUBLISHED: 2018-06-23
A NULL pointer dereference (aka SEGV on unknown address 0x000000000000) was discovered in work_stuff_copy_to_from in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. This can occur during execution of objdump.
CVE-2018-12698
PUBLISHED: 2018-06-23
demangle_template in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30, allows attackers to trigger excessive memory consumption (aka OOM) during the "Create an array for saving the template argument values" XNEWVEC call. This can occur during execution of objdump.
CVE-2018-12699
PUBLISHED: 2018-06-23
finish_stab in stabs.c in GNU Binutils 2.30 allows attackers to cause a denial of service (heap-based buffer overflow) or possibly have unspecified other impact, as demonstrated by an out-of-bounds write of 8 bytes. This can occur during execution of objdump.
CVE-2018-12700
PUBLISHED: 2018-06-23
A Stack Exhaustion issue was discovered in debug_write_type in debug.c in GNU Binutils 2.30 because of DEBUG_KIND_INDIRECT infinite recursion.
CVE-2018-11560
PUBLISHED: 2018-06-23
The webService binary on Insteon HD IP Camera White 2864-222 devices has a stack-based Buffer Overflow leading to Control-Flow Hijacking via a crafted usr key, as demonstrated by a long remoteIp parameter to cgi-bin/CGIProxy.fcgi on port 34100.