Overdue Software Updates and Patches
Statistics suggest that unpatched software may be the #1 source of exploits for cyber attackers. According to US-CERT “cyber threat actors continue to exploit unpatched software to conduct attacks against critical infrastructure organizations. As many as 85 percent of targeted attacks are preventable.” The key to exploiting missing updates and security patches is to first find them. Attackers must navigate the network, move laterally, discover and then exploit out of date software. CryptoniteNXT Net Guard does not allow reconnaissance and CryptoniteNXT Micro Shield severely restricts attacker lateral movement. Instead of being exposed to potentially dozens of vulnerabilities, the attacker is contained at the originally infected endpoint without the visibility to see unpatched vulnerabilities.
Internet of Things (IoT) Devices
Internet of Things devices represents a new and rapidly expanding area of risk and vulnerability to business networks. It is estimated that by 2020, over 25% of cyber attacks will involve IoT devices, yet less than 10% of security budgets will account for IoT. Standard defense-in-depth cybersecurity software does not protect IoT devices. A CryptoniteNXT Zero Trust environment enables you to bring in new IoT devices without worrying about the liability inherent in your installed base. If the attacker cannot find these targets, see the network, nor move laterally within it, the attack is effectively over.
Smartphones are the newest and biggest risk area. They are attractive to cybercriminals because of the many millions in use and because they present a wealth of attack vectors. As smartphone and tablet use grows, hackers are discovering and documenting every possible way to break through mobile security. In cooperation with Mobile security solutions such as HPE’s Aruba Networks, CryptoniteNXT takes mobile security at the edge of networks and securely extends it across the entire network while also preventing adversary reconnaissance and lateral movement using moving target cyber defense technology. As before, attackers cannot perform reconnaissance, and they cannot move laterally between other mobile or wired endpoints and servers.
Embedded Processors in Turnkey Devices
Embedded processors in turnkey devices are often found to have out-of-date and unpatched operating systems. These devices are part of turnkey systems that are almost always closed, as in the case of medical devices, many automated teller and cash machines, some old network printers, and in large deployments of industrial control systems. With CryptoniteNXT Zero Trust, embedded processors with older operating systems can no longer be discovered. They are effectively invisible. Even if an attacker has enumerated the network prior to the installation of the CryptoniteNXT platform and has obtained the specific IP of the target, that IP address will not work in a CryptoniteNXT Zero Trust environment and the device will remain safe.
What people are saying about CryptoniteNXT
“With this device implemented and configured correctly, identification and enumeration of hosts becomes an improbable attack vector.”
Security and Analytics, Pen Testing, Compliance
“CryptoniteNXT uniquely prevents adversaries from exfiltrating actionable information from networks. The other key capability is their fine-grained micro-segmentation which stops east-west traffic that has enabled the spread of ransomware.”
Principal at Gula Tech Adventures
“CryptoniteNXT’s moving target cyber defense keeps attackers out in the early stages of a cyber attack, disrupting their ability to perform reconnaissance and enumeration against their target which is critical to weapon/malware/exploit delivery. This provides defenders the advantage of time and intelligence collection against the adversary to adjust their defenses against adversary TTPs (tactics, techniques and procedures).”
ROBERT HUBER, CHIEF STRATEGY OFFICER
“CryptoniteNXT provides a defense-in-depth security layer to address the ever-increasing ransomware threat. The integration with Palo Alto provides seamless multifactor network authentication, bypassing any need for captive portal, even for Mac users.”
SVP, Technical Operations
Credit Card Processing Company
“Our company maintains sensitive information for our clients that is critical to their success. We selected CryptoniteNXT to protect our clients intellectual property and our reputation. CryptoniteNXT is an integral component of our cyber security strategy stopping the bad guys from uncovering weaknesses in our network and using them to steal proprietary assets from our customers and our company. ”
CHIEF OPERATING OFFICER
Public Affairs Company
“We selected CryptoniteNXT to protect our enterprise network, as it prevents reconnaissance and the lateral movement of any attacks within the enterprise network. This solution closes a large gap in the current suite of cyber security tools that are currently available in the market.”
SENIOR DIRECTOR, INFORMATION TECHNOLOGY
“…CryptoniteNXT successfully prevented the network from being enumerated and traced. Standard scanning and spoofing tools provided no actionable intelligence about the protected network.”
Network Security Research & Development