Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

7/21/2017
12:00 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Acalvio Partners with Splunk on Active Deception-Based Ransomware Solution

Free Trial of ShadowPlex-R Offers Organizations the Ability to Test Drive Deception 2.0-Based Solution. .

Santa Clara, Calif. – Acalvio Technologies, an innovator in Advanced Threat Defense, today announced the immediate availability of ShadowPlex-R, a comprehensive, distributed-deception solution for early, accurate and cost-effective detection and mitigation of ransomware. ShadowPlex-R is based on Acalvio’s patented Deception 2.0 technology, which delivers automated and authentic enterprise-scale deception with low IT impact.

 

ShadowPlex-R integrates with Splunk Enterprise Security (Splunk ES) to deliver comprehensive threat intelligence and ensure timely and efficient remediation for customers. Acalvio is a member of the Splunk Adaptive Response Initiative, which brings together leading vendors to leverage end-to-end context and automated response to help organizations better combat advanced attacks through a unified defense. Acalvio is offering a free trial of ShadowPlex-R which can be obtained here (http://acalvio.com/ransomware). Acalvio (booth #365) and Splunk (booth #1254) will be participating at Black Hat USA 2017 where security specialists will be available to demonstrate the capabilities of ShadowPlex-R and discuss the benefits of Deception 2.0 technology.

"Ransomware is the latest scourge of the internet, extorting millions of dollars from people and organizations after infecting and encrypting their systems," said Bryan Sartin, Executive Director, Global Security Services, Verizon Enterprise Solutions. "We have seen ransomware jump from the 22nd most common variety of malware in the 2014 DBIR to the fifth most common in this year’s data. In the past year, we have seen more technical and process innovation in ransomware than we have seen since the invention of Bitcoin-enabled anonymous payments. Fueled by the success of early attacks, organized criminal groups will continue to utilize ransomware to extort money. A solution, such as ShadowPlex-R, is needed to address today’s growing ransomware problem."

The market for ransomware protection is projected to grow to $17.36B by 2021, at a Compounded Annual Growth Rate (CAGR) of 16.3% according to a recent report by MarketsandMarkets. This demonstrates the compelling need for more sophisticated security solutions to address the ransomware problem. Moving forward, it will be important for organizations to utilize a deception-centric solution to detect ransomware for its inherent advantages over traditional detection solutions.

ShadowPlex-R’s patent-pending algorithms quickly detect and stop ransomware and its crippling effects. Specific benefits include:

●       Effective Detection: ShadowPlex-R presents attackers with a comprehensive palette of realistic and non-fingerprintable decoys, lures, baits and breadcrumbs that blend in with an organization’s production assets. These serve as sensors and any compromise to them results in very high fidelity detection.

●       Scalable and Flexible Deployment: ShadowPlex-R employs a DevOps approach to deploying deceptions. By dynamically and automatically deploying the most effective and relevant deceptions, ShadowPlex-R dramatically reduces the cost of operation compared to first generation deception products. By delivering deception from and to public clouds, private clouds and on-premises environments, organizations can deploy dynamic deceptions wherever their assets are deployed.

●       Low IT Impact: ShadowPlex-R dramatically lowers the cost of operation while simultaneously increasing efficacy, when compared to first generation deception products, by dynamically and automatically deploying the most effective and relevant deceptions.

"Our solution represents a fundamental leap over prevailing signature-based and anomaly-based approaches," said Ram Varadarajan, CEO, Acalvio. "ShadowPlex-R builds on our Deception 2.0 platform to detect ransomware in the most efficient fashion, and leverages Splunk to deliver comprehensive threat intelligence and timely remediation. Through a unique combination of distributed deception and Splunk, ShadowPlex-R provides a fundamentally new and effective way to detect and respond to Ransomware."

"Ransomware is a rapidly growing problem and requires a new approach to keep up with the rapid pace of its development," said Michael Osterman, Principal Analyst of Osterman Research. "Acalvio's unique and clever use of deception technology, plus its integration with Splunk's Threat Intelligence and Adaptive Response solution, promises to offer a robust and effective method of minimizing the likelihood of a ransomware infection."

"The growing threat of ransomware is leaving Security Operations Centers (SOCs) around the world scrambling for better answers. With ShadowPlex-R and its integration with Splunk Enterprise Security, Acalvio has created a first-of-its-kind solution to help detect and stop ransomware in its tracks,” said Haiyan Song, senior vice president of security markets, Splunk. “By combining delivery of high-fidelity alerts and comprehensive threat intelligence specific to ransomware with the Adaptive Response framework provided by Splunk Enterprise Security, Acalvio has built an innovative solution that helps enable faster detection and remediation against ransomware. We’re proud to partner with Acalvio to assist organizations around the world as they employ new detection techniques and address ransomware with security analytics.”

"ShadowPlex-R is one of the most innovative solutions currently available in the ransomware space,” said Golan Ben-Oni, CIO at IDT Corporation. “The combination of low false positives, low IT impact and cost-effectiveness makes it one of the most compelling solutions in the industry. We are very pleased to partner with Acalvio in this effort.”

ShadowPlex is a comprehensive, distributed deception platform that provides early, accurate and cost-effective detection of malicious activity within the enterprise. ShadowPlex is built on Acalvio’s patented Deception 2.0 technology which alleviates inherent structural limitations of Deception 1.0 solutions by leveraging data science and dynamic deception. It represents a quantum leap in architectural advancement that delivers scale, automation and authenticity with low IT overhead. ShadowPlex is designed for flexible deployment on-premises, private clouds and public clouds. The platform has pre-built integration with major security information event management (SIEM) systems for delivering comprehensive threat intelligence.

 

Acalvio and Splunk will be hosting a webinar on August 10 at 10 a.m. (PST), where Xuefeng Bai, Senior Solutions Engineer of Acalvio and Vijay Chauhan, Director, Global Strategic Alliances – Security Markets of Splunk, will provide a deep dive on how the companies are providing early, accurate and cost-effective detection and mitigation of ransomware. 

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Turning Up the Heat on North Korea's Cyber Threat Operations
Jai Vijayan, Contributing Writer,  9/16/2019
MITRE Releases 2019 List of Top 25 Software Weaknesses
Kelly Sheridan, Staff Editor, Dark Reading,  9/17/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: "He's too shy to invite me out face to face!"
Current Issue
7 Threats & Disruptive Forces Changing the Face of Cybersecurity
This Dark Reading Tech Digest gives an in-depth look at the biggest emerging threats and disruptive forces that are changing the face of cybersecurity today.
Flash Poll
The State of IT Operations and Cybersecurity Operations
The State of IT Operations and Cybersecurity Operations
Your enterprise's cyber risk may depend upon the relationship between the IT team and the security team. Heres some insight on what's working and what isn't in the data center.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2015-9405
PUBLISHED: 2019-09-20
The wp-piwik plugin before 1.0.5 for WordPress has XSS.
CVE-2015-9407
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has xpinner-lite.php XSS.
CVE-2015-9408
PUBLISHED: 2019-09-20
The xpinner-lite plugin through 2.2 for WordPress has wp-admin/options-general.php CSRF with resultant XSS.
CVE-2019-16533
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, Incorrect Access Control exists in loginset.htm, and can be used to trigger XSS. NOTE: this is an end-of-life product.
CVE-2019-16534
PUBLISHED: 2019-09-20
On DrayTek Vigor2925 devices with firmware 3.8.4.3, XSS exists via a crafted WAN name on the General Setup screen. NOTE: this is an end-of-life product.