Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Physical Security

12/10/2020
04:20 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Karamba Security Announces XGuard Monitor to Manage the Security of Millions of IoT Devices at Scale

Patent-pending algorithms automatically provide early warnings to mitigate new cyberattacks on device fleets and achieve regulatory compliance.

HOD HASHARON, Israel, Dec. 10, 2020 (GLOBE NEWSWIRE) -- Karamba Security, a world leading IoT security company, is leveraging the fast market adoption of its XGuard embedded agents to announce today its XGuard Monitor platform for fleet-wide security management. The company also announced that XGuard Monitor will be integrated with Micro Focus ArcSight Intelligence cloud analytics to offer comprehensive protection for IoT devices at large scale.

Recent Reported Cybersecurity Threats
The IoT market is due to reach 31 billion connected devices this year, and by 2025 there will be roughly 75 billion IoT devices[1]. Hackers have identified IoT devices as vulnerable to attacks. Attacks and vulnerabilities reported in the last six months reflect this rapidly growing trend:

  • In October, the National Security Agency reported how edge devices were exploited by Chinese hackers
  • In November, a series of vulnerabilities were reported on Tesla’s Powerwall, an energy storage gateway used in factories and residentials
  • In August, white hat hackers reported how they can violate the privacy of hundreds of millions of users of Amazon’s Alexa
  • In July, Iranian hackers exploited cellular gateways to make harmful modifications to Israel’s water sources

The Challenge of Managing the Security of Large Deployments of IoT Devices
The widespread attacks have resulted in customers and regulators requiring IoT device manufacturers to manage the security of their devices. However, the number of devices that are managed in fleets and arrays ranges from tens of thousands to millions of units. This creates scalability and cost issues for the IoT operator and the product manufacturer. The sheer scale introduces significant white noise of alerts, which easily masks actual attacks. In addition, operating costs are disproportionately high, due to the number of analysts needed to sift through the massive number of events generated by a fleet’s IoT devices.

“As security teams accelerate efforts to secure IoT devices, they now need a unified way to manage those activities across their base of devices. With the experience we have gained protecting more than 12 million devices in all the leading industry sectors, we are in an ideal position to create a comprehensive and scalable management platform to solve this problem,” says Ami Dotan, Karamba Security CEO and Co-founder.

XGuard Monitor – IoT Security at Scale
Karamba Security’s XGuard Monitor fills this gap and enables management of a large-scale number of IoT devices, with smart profiling of the device and the entire IoT fleet. It leverages XGuard agents that are seamlessly embedded into the IoT devices to automate security management and threat detection, as well as prevent attacks before they spread from one device to the entire fleet.

Better Security by Removing the Noise of Excessive Security Events
XGuard Monitor software constantly monitors the IoT device network and system parameters and reports suspicious device behavior to the XGuard Monitor analysis server, a consolidator, which aggregates and models the events. XGuard Monitor’s smart aggregation model reduces the number of events by 90%. It also reduces false alerts and data noise, which clutter security analysts’ views and increase the risk of cyberattacks being undetected.

Deep Incident Analysis
Leveraging XGuard’s seamless integration, manufacturers embed XGM software into the device firmware during the software development and update processes. The agent provides deep visibility into device parameters. Such visibility enables fast and comprehensive incident research, including taking preventative measures on the device itself.

Partnering for the Future of IoT Cyber Security
Karamba Security has joined forces with Micro Focus to combine their powerful analytics for intelligent prevention, detection and response capabilities with threat signals generated across the connected IoT device ecosystem. 

“The ability to protect IoT devices while building a unique profile at scale across a product portfolio is a priority for the connected device industry,” said John Delk, General Manager and Senior Vice President, Security at Micro Focus. “This partnership with Karamba Security’s XGuard Monitor will deliver a leading solution that enables IoT devices to be automatically protected and monitored for previously unknown attacks resulting in a more resilient connected device ecosystem. Put simply, we are partnering for the future of cyber resilience.”

Complying with Industry Standards
Industry standards, such as UN WP.29 for the automotive industry and IEC 62443 for smart building and smart factories, require manufacturers to manage their devices’ security. XGuard Monitor satisfies those requirements, at scale, without putting a cost burden on the management backend.

“Meeting the UNECE WP.29 new cybersecurity regulation is a critical task for automotive OEMs,” says Paul Mascarenas, Chairman of FISITA and former Chief Technical Officer at Ford Motor Company. “The need to manage the fleet of vehicles, while ensuring their cybersecurity posture, is one of today’s top industry priorities. The regulators are looking to ensure a safe and smooth transition to a fleet of connected and autonomous vehicles. The XGuard Monitor solution is poised as an efficient and scalable way to meet this task, while combining active monitoring with a preventive approach to cybersecurity and maintaining consumers’ safety and trust in the evolution of mobility.”

Market Leadership
Karamba Security is an IoT endpoint security market leader. In only two years of sales, the company succeeded in signing agreements to protect 12M devices, with marquee customers such as Alps Alpine (Japan), AP Systems (U.S.), Hitachi (Japan), IFM (Germany), Solar Edge (Israel), and Stanley (U.S.).

More information about Karamba Security XGuard Monitor can be found here.
More information about Micro Focus ArcSight Intelligence cloud analytics can be found here.

About Karamba Security

Karamba Security is the world leader in IoT embedded security, providing award winning, seamlessly embedded, cybersecurity solutions for connected devices. Manufacturers in automotive, Industry 4.0, enterprise edge and Industrial IoT rely on Karamba’s products and services to protect their connected devices against cyberattacks. Fortune 100 companies, automotive OEMs, Tier-1 providers and other manufacturers of connected devices trust Karamba’s solutions for protecting their customers against cyberthreats. More information is available at www.karambasecurity.com and follow us on Twitter @KarambaSecurity.

Media Contact:
Montner Tech PR
Deb Montner
[email protected] 

[1] https://www.cybintsolutions.com/cyber-security-facts-stats/ 

A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/2d24883f-9b37-42f6-8585-e75b4604d10e

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Visit the Web's Most Authoritative Resource on Physical Security

To get the latest news and analysis on threats, vulnerabilities, and best practices for enterprise physical security, please visit IFSEC Global. IFSEC Global offers expert insight on critical issues and challenges in physical security, and hosts one of the world's most widely-attended conferences for physical security professionals.

News
FluBot Malware's Rapid Spread May Soon Hit US Phones
Kelly Sheridan, Staff Editor, Dark Reading,  4/28/2021
Slideshows
7 Modern-Day Cybersecurity Realities
Steve Zurier, Contributing Writer,  4/30/2021
Commentary
How to Secure Employees' Home Wi-Fi Networks
Bert Kashyap, CEO and Co-Founder at SecureW2,  4/28/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-32077
PUBLISHED: 2021-05-06
Primary Source Verification in VerityStream MSOW Solutions before 3.1.1 allows an anonymous internet user to discover Social Security Number (SSN) values via a brute-force attack on a (sometimes hidden) search field, because the last four SSN digits are part of the supported combination of search se...
CVE-2020-23263
PUBLISHED: 2021-05-06
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
CVE-2020-23264
PUBLISHED: 2021-05-06
Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.
CVE-2021-27941
PUBLISHED: 2021-05-06
Unconstrained Web access to the device's private encryption key in the QR code pairing mode in the eWeLink mobile application (through 4.9.2 on Android and through 4.9.1 on iOS) allows a physically proximate attacker to eavesdrop on Wi-Fi credentials and other sensitive information by monitoring the...
CVE-2021-29203
PUBLISHED: 2021-05-06
A security vulnerability has been identified in the HPE Edgeline Infrastructure Manager, also known as HPE Edgeline Infrastructure Management Software, prior to version 1.22. The vulnerability could be remotely exploited to bypass remote authentication leading to execution of arbitrary commands, gai...