Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

News & Commentary

1/13/2017
07:38 PM
Curtis Franklin Jr.
Curtis Franklin Jr.
Curt Franklin
50%
50%

Is Paranoid the New Normal Security?

Nyotron enters US with introduction of Paranoid endpoint protection platform.

Traditional computer and network security tries to harden the perimeter, treating any breach of the hardened wall around the enterprise as a failure. A new endpoint security platform, Nyotron Paranoid, bases its protection on the idea that the best perimeter can be breached and the best protection comes from limiting the resulting damage.

In a written statement, Nyotron CEO and Co-Founder Nir Gaist said, "The Paranoid platform's approach to protection is opposite that of traditional antivirus and next-generation endpoint vendors. They chase the attackers' methodologies and threat types.”

Gaist continued, "Rather than acting as a gate (which attacks ultimately bypass), our unique threat-agnostic approach assumes threats will get into the network and focuses on the damage stage of an attack. We can identify threats before they're able to damage an organization's critical assets."

Other security products and services, including those from Webroot Software Inc. , SentinelOne, Symantec Corp. (Nasdaq: SYMC) and Invincea, use machine learning to adapt to rapidly changing threats and the damage they inflict. But Nyotron says that Paranoid is different from other technologies.

According to a statement provided by the company, Nyotron wrote, "Paranoid works by mapping normal computer behavior with a patented technology that includes a new programming language called Behavior Pattern Map (BPM) that maps operating systems. Once Paranoid is implemented, the software can monitor system calls for normal, suspicious or malicious behavior attempts. This innovation enables Paranoid to detect and prevent breaches regardless of the type of sophisticated attack or technique that the threat uses to gain entry into a targeted network." Notably, Nyotron does not use the phrase "machine learning" in the description of Paranoid, an omission that may bring comfort to customers, which noted that this phrase was shown at the peak of the "hype cycle" in Gartner's August 2016 release on the state of the hype cycle near the end of the year.

Nyotron's website is currently under construction but the company says that it already has multiple customers for the platform and its other services.

— Curtis Franklin, Security Editor, Light Reading

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Edge-DRsplash-10-edge-articles
I Smell a RAT! New Cybersecurity Threats for the Crypto Industry
David Trepp, Partner, IT Assurance with accounting and advisory firm BPM LLP,  7/9/2021
News
Attacks on Kaseya Servers Led to Ransomware in Less Than 2 Hours
Robert Lemos, Contributing Writer,  7/7/2021
Commentary
It's in the Game (but It Shouldn't Be)
Tal Memran, Cybersecurity Expert, CYE,  7/9/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
How Enterprises are Attacking the Cybersecurity Problem
Concerns over supply chain vulnerabilities and attack visibility drove some significant changes in enterprise cybersecurity strategies over the past year. Dark Reading's 2021 Strategic Security Survey showed that many organizations are staying the course regarding the use of a mix of attack prevention and threat detection technologies and practices for dealing with cyber threats.
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-35499
PUBLISHED: 2021-10-26
The Web Reporting component of TIBCO Software Inc.'s TIBCO Nimbus contains easily exploitable Stored Cross Site Scripting (XSS) vulnerabilities that allow a low privileged attacker to social engineer a legitimate user with network access to execute scripts targeting the affected system or the victim...
CVE-2021-41182
PUBLISHED: 2021-10-26
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `altField` option of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `altField` option is now t...
CVE-2021-41183
PUBLISHED: 2021-10-26
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of various `*Text` options of the Datepicker widget from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. The values passed to various `*Text` options are now al...
CVE-2021-41184
PUBLISHED: 2021-10-26
jQuery-UI is the official jQuery user interface library. Prior to version 1.13.0, accepting the value of the `of` option of the `.position()` util from untrusted sources may execute untrusted code. The issue is fixed in jQuery UI 1.13.0. Any string value passed to the `of` option is now treated as a...
CVE-2021-41185
PUBLISHED: 2021-10-26
Mycodo is an environmental monitoring and regulation system. An exploit in versions prior to 8.12.7 allows anyone with access to endpoints to download files outside the intended directory. A patch has been applied and a release made. Users should upgrade to version 8.12.7. As a workaround, users may...