Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Threat Intelligence

4/10/2018
10:53 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

SafeBreach Expands Visa Partnership for Threat Intelligence Integration in Breach and Attack Simulation

Extension of Market First Capability Empowers Payment Industry Unparalleled Speed and Agility in Attack Prevention; Partnership on Display at RSA Conference 2018

SUNNYVALE, CA – April 10, 2018 – SafeBreach, the leader in Breach and Attack Simulation, today announced an expansion in its partnership with Visa Threat Intelligence to provide an accelerated ability to integrate and “weaponize” the most current and comprehensive threat intelligence specific to the global payments ecosystem. SafeBreach is the first Breach and Attack Simulation provider to integrate Visa threat intelligence feeds via the Visa Developer Center API.

Processing more than a hundred billion payment transactions a year, Visa delivers exclusive indicators of compromise (IoCs) that can provide an unmatched level of visibility and understanding of threats and fraud specific to the payments ecosystem. Through this partnership, Visa IoCs add to the largest and most thorough simulation knowledge base in the industry in the SafeBreach Hacker’s Playbook™. They augment an already powerful tool for payment industry customers that allows them to validate security defenses against new simulations of real-world, critical attacks in less than 24 hours.

“Historically, the payments industry has been the sector under the most widespread and aggressive attacks from all manner of cyber actor,” said Guy Bejerano, CEO and co-founder of SafeBreach. “As such, it is a sector that requires the utmost vigilance, agility and preparedness to not only withstand assault, but to repel it. With an ability to almost immediately simulate attacks just emerging in the marketplace using exclusive IoCs, and validate defenses specific to each customer’s environment, means a customer can quantify the impact of an attack before it happens.”

“Trust and security are the cornerstones of the payment system, and we want to work with all stakeholders to make their businesses stronger and safer,” said Mark Nelsen, senior vice president, Risk and Authentication Products, Visa. “Through our work with SafeBreach, we’re empowering customers to identify and stop attacks by providing relevant, actionable threat intelligence.”

The SafeBreach ability to weaponize threat intelligence by transforming IoCs into hacker breach methods enables security teams to truly understand the activities that represent specific priority threats, and allows security analysts to dramatically improve their ability to anticipate future attacks, challenge their security defenses and train their security operations center (SOC) teams. The Hacker’s Playbook™ also incorporates the most comprehensive set of intelligence feeds for global visibility. In addition to Visa, SafeBreach integration partnerships include FireEye’s iSIGHT Intelligence, MITRE ATT&CK Framework and US-CERT Alerts.

The SafeBreach centralized management system incorporates the complete Hackers' Playbook of breach methodologies, and manages a distributed network of breach simulators from a centralized location. SafeBreach simulators perform the role of the attacker, simulating traffic within the cyber kill chain.

Visit SafeBreach at RSA Conference 2018:

Companies interested in seeing the SafeBreach platform in action can sign up for a demo or schedule a meeting with SafeBreach at the RSA 2018 Conference. SafeBreach product experts, security researchers and executives are available to discuss attack trends, techniques and tactics and the insights from the SafeBreach Hacker’s Playbook Findings Report. Additionally, on Tuesday, April 17, 2018, SafeBreach and Visa will host a Ping Pong and Cocktails event at SPIN, 690 Folsom St #100, San Francisco, CA 94107.  Register for an invitation here.

Companies interested in hearing more about security solutions to protect payment data can also attend a joint Visa and SafeBreach Breakfast Roundtable event on May 17, 2018 at the Visa Boardroom in San Francisco, CA.

About SafeBreach:

 

SafeBreach is a pioneer in the emerging category of Breach and Attack Simulations. The company’s groundbreaking platform provides a “hacker's view” of an enterprise’s security posture to proactively predict attacks, validate security controls and improve SOC analyst response. SafeBreach automatically executes thousands of breach methods from an extensive and growing Hacker’s Playbook™ of research and real-world investigative data. Headquartered in Sunnyvale, California, the company is funded by Sequoia Capital, Deutsche Telekom Capital, Hewlett Packard Pathfinder and investor Shlomo Kramer. For more information, visit www.safebreach.com or follow on Twitter @SafeBreach.

 

About Visa Inc.

 

Visa Inc. (NYSE: V) is a global payments technology company that connects consumers, businesses, financial institutions, and governments in more than 200 countries and territories to fast, secure and reliable electronic payments. We operate one of the world's most advanced processing networks – VisaNet – that is capable of handling more than 65,000 transaction messages a second, with fraud protection for consumers and assured payment for merchants. Visa Threat Intelligence is available to subscribers via the Visa Developer Center and is tailored to the needs of the payments industry. Visa Threat Intelligence delivers actionable indicators of compromise with critical context and key attributes to merchants, issuers & technology partners so they can quickly assess and act on the most critical cyber-attacks. For more information visit www.visathreatintelligence.com.

 

###

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
News
Former CISA Director Chris Krebs Discusses Risk Management & Threat Intel
Kelly Sheridan, Staff Editor, Dark Reading,  2/23/2021
Edge-DRsplash-10-edge-articles
Security + Fraud Protection: Your One-Two Punch Against Cyberattacks
Joshua Goldfarb, Director of Product Management at F5,  2/23/2021
News
Cybercrime Groups More Prolific, Focus on Healthcare in 2020
Robert Lemos, Contributing Writer,  2/22/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win an Amazon Gift Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
Building the SOC of the Future
Building the SOC of the Future
Digital transformation, cloud-focused attacks, and a worldwide pandemic. The past year has changed the way business works and the way security teams operate. There is no going back.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21620
PUBLISHED: 2021-02-24
A cross-site request forgery (CSRF) vulnerability in Jenkins Claim Plugin 2.18.1 and earlier allows attackers to change claims.
CVE-2021-21621
PUBLISHED: 2021-02-24
Jenkins Support Core Plugin 2.72 and earlier provides the serialized user authentication as part of the "About user (basic authentication details only)" information, which can include the session ID of the user creating the support bundle in some configurations.
CVE-2021-21622
PUBLISHED: 2021-02-24
Jenkins Artifact Repository Parameter Plugin 1.0.0 and earlier does not escape parameter names and descriptions, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Job/Configure permission.
CVE-2020-28599
PUBLISHED: 2021-02-24
A stack-based buffer overflow vulnerability exists in the import_stl.cc:import_stl() functionality of Openscad openscad-2020.12-RC2. A specially crafted STL file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
CVE-2020-7846
PUBLISHED: 2021-02-24
Helpcom before v10.0 contains a file download and execution vulnerability caused by storing hardcoded cryptographic key. It finally leads to a file download and execution via access to crafted web page.