Threat Intelligence

4/10/2018
10:53 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SafeBreach Expands Visa Partnership for Threat Intelligence Integration in Breach and Attack Simulation

Extension of Market First Capability Empowers Payment Industry Unparalleled Speed and Agility in Attack Prevention; Partnership on Display at RSA Conference 2018

SUNNYVALE, CA – April 10, 2018 – SafeBreach, the leader in Breach and Attack Simulation, today announced an expansion in its partnership with Visa Threat Intelligence to provide an accelerated ability to integrate and “weaponize” the most current and comprehensive threat intelligence specific to the global payments ecosystem. SafeBreach is the first Breach and Attack Simulation provider to integrate Visa threat intelligence feeds via the Visa Developer Center API.

Processing more than a hundred billion payment transactions a year, Visa delivers exclusive indicators of compromise (IoCs) that can provide an unmatched level of visibility and understanding of threats and fraud specific to the payments ecosystem. Through this partnership, Visa IoCs add to the largest and most thorough simulation knowledge base in the industry in the SafeBreach Hacker’s Playbook™. They augment an already powerful tool for payment industry customers that allows them to validate security defenses against new simulations of real-world, critical attacks in less than 24 hours.

“Historically, the payments industry has been the sector under the most widespread and aggressive attacks from all manner of cyber actor,” said Guy Bejerano, CEO and co-founder of SafeBreach. “As such, it is a sector that requires the utmost vigilance, agility and preparedness to not only withstand assault, but to repel it. With an ability to almost immediately simulate attacks just emerging in the marketplace using exclusive IoCs, and validate defenses specific to each customer’s environment, means a customer can quantify the impact of an attack before it happens.”

“Trust and security are the cornerstones of the payment system, and we want to work with all stakeholders to make their businesses stronger and safer,” said Mark Nelsen, senior vice president, Risk and Authentication Products, Visa. “Through our work with SafeBreach, we’re empowering customers to identify and stop attacks by providing relevant, actionable threat intelligence.”

The SafeBreach ability to weaponize threat intelligence by transforming IoCs into hacker breach methods enables security teams to truly understand the activities that represent specific priority threats, and allows security analysts to dramatically improve their ability to anticipate future attacks, challenge their security defenses and train their security operations center (SOC) teams. The Hacker’s Playbook™ also incorporates the most comprehensive set of intelligence feeds for global visibility. In addition to Visa, SafeBreach integration partnerships include FireEye’s iSIGHT Intelligence, MITRE ATT&CK Framework and US-CERT Alerts.

The SafeBreach centralized management system incorporates the complete Hackers' Playbook of breach methodologies, and manages a distributed network of breach simulators from a centralized location. SafeBreach simulators perform the role of the attacker, simulating traffic within the cyber kill chain.

Visit SafeBreach at RSA Conference 2018:

Companies interested in seeing the SafeBreach platform in action can sign up for a demo or schedule a meeting with SafeBreach at the RSA 2018 Conference. SafeBreach product experts, security researchers and executives are available to discuss attack trends, techniques and tactics and the insights from the SafeBreach Hacker’s Playbook Findings Report. Additionally, on Tuesday, April 17, 2018, SafeBreach and Visa will host a Ping Pong and Cocktails event at SPIN, 690 Folsom St #100, San Francisco, CA 94107.  Register for an invitation here.

Companies interested in hearing more about security solutions to protect payment data can also attend a joint Visa and SafeBreach Breakfast Roundtable event on May 17, 2018 at the Visa Boardroom in San Francisco, CA.

About SafeBreach:

 

SafeBreach is a pioneer in the emerging category of Breach and Attack Simulations. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes thousands of breach methods from an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.

 

About Visa Inc.

 

Visa Inc. (NYSE: V) is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks – VisaNet – that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa Threat Intelligence is available to subscribers via the Visa Developer Center and is tailored to the needs of the payments industry. Visa Threat Intelligence delivers actionable indicators of compromise with critical context and key attributes to merchants, issuers & technology partners so they can quickly assess and act on the most critical cyber-attacks. For more information visit www.visathreatintelligence.com.

 

###

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Veterans Find New Roles in Enterprise Cybersecurity
Kelly Sheridan, Staff Editor, Dark Reading,  11/12/2018
Understanding Evil Twin AP Attacks and How to Prevent Them
Ryan Orsi, Director of Product Management for Wi-Fi at WatchGuard Technologies,  11/14/2018
7 Free (or Cheap) Ways to Increase Your Cybersecurity Knowledge
Curtis Franklin Jr., Senior Editor at Dark Reading,  11/15/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Flash Poll
Online Malware and Threats: A Profile of Today's Security Posture
Online Malware and Threats: A Profile of Today's Security Posture
This report offers insight on how security professionals plan to invest in cybersecurity, and how they are prioritizing their resources. Find out what your peers have planned today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-19349
PUBLISHED: 2018-11-17
In SeaCMS v6.64, there is SQL injection via the admin_makehtml.php topic parameter because of mishandling in include/mkhtml.func.php.
CVE-2018-19350
PUBLISHED: 2018-11-17
In SeaCMS v6.6.4, there is stored XSS via the member.php?action=chgpwdsubmit email parameter during a password change, as demonstrated by a data: URL in an OBJECT element.
CVE-2018-19341
PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation near NULL starting at FoxitReader...
CVE-2018-19342
PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read) or obtain sensitive information via a U3D sample because of a "Read Access Violation starting at U3DBrowser+0x00000000...
CVE-2018-19343
PUBLISHED: 2018-11-17
The u3d plugin 9.3.0.10809 (aka plugins\U3DBrowser.fpi) in FoxitReader.exe in Foxit Reader 9.3.0.10826 allows remote attackers to cause a denial of service (out-of-bounds read), obtain sensitive information, or possibly have unspecified other impact via a U3D sample because of a "Data from Faul...