Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News

1/21/2015
03:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Bitglass Breach Discovery Limits Damage From Data Breaches

Automated Service Enables Enterprises to Discover Data Breaches Early

CAMPBELL, Calif. (Jan 21, 2015)Bitglass, the Total Data Protection company, today announced Bitglass Breach Discovery, a service that dynamically analyzes an enterprise’s risk of network data breach by identifying high-risk outbound data flows from the corporate network. Breach Discovery is part of the Bitglass Total Data Protection Suite, which protects corporate data on the network, in the cloud, at access and on mobile devices. The Bitglass Breach Discovery service is a cloud-based automated engine that analyzes firewall logs against a continually updated risk-intelligence database to identify exfiltration to high-risk locations outside the firewall, including malware, targeted threats, cloaked destinations, zero-day attacks, insider threats, shadow IT and more.

Traditional breach prevention solutions are focused on blocking network or malware intrusion by inspecting inbound traffic. Such solutions are deployed as inline appliances at the firewall. Sophisticated hackers are able to get past such intrusion-detection appliances via a variety of ways, including stolen passwords, trojans on mobile devices and laptops, targeted phishing attacks, and more.  Once inside the network, the hacker exfiltrates sensitive data through the corporate firewall to a remote network location or file-sharing application, and is often undetected for months.  Recent data breaches at Sony, JPMorgan, Home Depot, Target and others occurred despite significant investment in breach-prevention technologies, and the hacker was able to export sensitive data over long periods of time entirely undetected.

“The Bitglass Breach Discovery service is valuable to any enterprise concerned with breach risks, especially since it requires no additional software or hardware to install and manage," said Marc Hamer, CIO of Babcock and Wilcox.

One enterprise that beta-tested the new service was immediately surprised by what they found – first, a Linux server with access to source code repositories was exfiltrating sensitive data via seemingly benign clock synchronization events to a cloaked destination; second, a salesperson’s company-issued laptop was indirectly accessing a confirmed malware host via a benign URL. These two ongoing breaches had happened despite the comprehensive security investments the company had made.

“Data Breaches are the first topic of discussion for the CIO in any board room,” said Zahid Afzal, COO of Capital Bank. “The Bitglass Breach Discovery Service adds a new weapon to limit the damage.”

Enterprises simply feed logs to the Breach Discovery service and receive reports carrying ranked alerts with drill-downs by various parameters to assist in remediation of the breach. In contrast, traditional on-premises log analytics and SIEM solutions require substantial investments in hardware, software and personnel to install and maintain, as well as additional manpower and risk intelligence to interpret and investigate a firehouse of unranked alerts.

Data breaches in retail, healthcare, financial services and other industries cause considerable economic damage, costing jobs, reputations and financial losses,” said Nat Kausik, CEO of Bitglass. “Our mission is to protect corporate data outside the firewall and an important part of the mission is to analyze the data that is leaving the firewall. Bitglass Breach Discovery service enables corporate IT professionals to discover breaches before it is too late.”

 

Availability

The Bitglass Breach Discovery service is available immediately.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Vulnerable Code Is Shipped Knowingly
Chris Eng, Chief Research Officer, Veracode,  11/30/2020
Inside North Korea's Rapid Evolution to Cyber Superpower
Kelly Sheridan, Staff Editor, Dark Reading,  12/1/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-27409
PUBLISHED: 2020-12-04
OpenSIS Community Edition before 7.5 is affected by a cross-site scripting (XSS) vulnerability in SideForStudent.php via the modname parameter.
CVE-2020-27408
PUBLISHED: 2020-12-04
OpenSIS Community Edition through 7.6 is affected by incorrect access controls for the file ResetUserInfo.php that allow an unauthenticated attacker to change the password of arbitrary users.
CVE-2020-27765
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/segment.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. This would most likely lead to an impact to application availability, but could potentially cause ot...
CVE-2020-27766
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of type `unsigned long`. This would most likely lead to an impact to application availability, b...
CVE-2020-27767
PUBLISHED: 2020-12-04
A flaw was found in ImageMagick in MagickCore/quantum.h. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of values outside the range of types `float` and `unsigned char`. This would most likely lead to an impact to application avai...