REDWOOD CITY, Calif.—October 21, 2015— Synack®, the security company that harnesses the power of a worldwide community of highly qualified and trusted researchers, today announced the launch of the Synack Hydra Technology PlatformTM. Hydra Technology is an advanced vulnerability intelligence platform that together with the SRT, gives the enterprise an unparalleled adversarial perspective of their digital assets.
Hydra combines the power of a modern vulnerability scanner with the expertise and creativity found in individual hacker toolkits to provide actionable intelligence to the Synack Red Team (SRT) so that they can locate, confirm and report exploitable bugs with unprecedented efficiency and scale. Acting as a closely integrated extension of internal security teams, the Hydra-enabled SRT delivers exploitation intelligence that reduces windows of exposure and provides comprehensive testing coverage across large, complex enterprise assets.
Strong security posture for a fast moving enterprise is no longer an option, it’s an expectation. Security is top of mind in the court of public opinion -- key business partners, customers, regulators, and rating agencies -- all want to know that the enterprise they do business with is proactively securing itself against cyber threats. Using Hydra Technology, the SRT locates and helps to eliminate the vulnerabilities that give way to cyber attacks that could ultimately threaten the way we live, play, travel, do business and interact with one another.
Synack’s proactive testing solution seamlessly combines the collective human intelligence of the SRT with Hydra’s advanced vulnerability intelligence technology, consistently delivering prioritized and contextualized exploitation intelligence that has led to record-breaking find-to-fix cycles for many of their enterprise clients.
“Hydra enables a single researcher like me to engage and help secure broad, evolving targets at a speed and depth that outpaces well-funded, persistent teams of cyber criminals,” says Colby Moore, a Synack Red Team member. “Think of Hydra as the ultimate force multiplier for white hat hackers to keep the enterprise a step ahead of the bad guys.”
Hydra’s continuous monitoring capabilities are designed to streamline the SRT’s reconnaissance phase of the testing process, allowing them to test faster and deeper across large enterprise assets without jeopardizing quality. This optimal pairing of man and machine is a unique approach to combating the real and ongoing threat of compromise that the enterprise faces on a daily basis -- strategically pitting a solution that leverages advanced technology to scale researcher intelligence against the threat of skilled blackhat hackers.
Today, Synack helps secure leading Fortune 500 financial, healthcare, consumer goods companies, among others, and Hydra will enhance Synack’s core solution in a way that can scale the unmatched expertise of the SRT across a growing customer base.
“Today's vulnerability solutions are flawed,” said Mark Kuhr, CTO and co-founder of Synack. “Some are human-centric, point-in-time penetration tests, which are limited to the skillsets of individual testers and project timelines. Others are solely reliant on scanner technologies, which overwhelm today's already-strained IT organizations with duplicates, false positives, uneven quality levels and thousands of submissions that require manual review. Hydra Technology delivers scalable, continuous testing to the enterprise without the noise, so that enterprises can secure their perimeter and ease the strain on security organizations.”
The Hydra platform can be separated into three subsets of functionality — host monitoring, web application analysis and mobile application analysis — all of which will be released in phases. Host monitoring capabilities will be available to Synack customers on October 21, with web and mobile testing capabilities to be released in the first half of 2016. The technology is available as part of the Synack subscription model. As Hydra technology is a SaaS offering, there is no physical or virtual appliance to install, no software to deploy and no physical infrastructure to acquire and maintain.
"As an industry, we have spent the past three decades deploying technology to prevent cyber attacks from happening at our organizations,” says Ted Schlein, general partner, Kleiner Perkins Caufield & Byers. "Synack's proactive solution is the first to seamlessly combine the power of human intelligence with advanced vulnerability intelligence technology to prevent attacks as well as profile your company's vulnerability to attack, which then empowers your security organizations to take action."
Based in Redwood City, California, Synack is a cyber security company that has built a unique Crowd Security Intelligence™ model that delivers secure, continuous, and scalable security assessments to the enterprise. The Synack solution leverages the best combination of humans and technology to create an offensive security-as-a-service offering that delivers an adversarial approach to exploitation intelligence. Synack’s founders, former National Security Agency analysts, Jay Kaplan, CEO, and Dr. Mark Kuhr, CTO, launched the company in May 2013 to apply their security expertise to the commercial sector. For more information, visit www.synack.com.