RSA Conference 2020 - Catching Hackers in the Act

By Val Bercovici, Co-Founder & CEO

Nearly 700 companies will exhibit their latest offerings at the RSA 2020 Conference this month as the security community coalesces to talk cyber attacks and countermeasures for each layer of the ever-expanding technology stack. But, despite the plethora of endpoint protection, cloud visibility, privileged access, and security information and event management (SIEM) solutions, 39% of threats dwell undetected for months to years.

These long-dwelling threats are cyber weapons developed by nation-state actors and amplified by cybercriminals to steal valuable assets and disrupt organizations in financial services, healthcare, critical infrastructure, and other sectors. Helping customers regain the edge requires proactive defenses that complement traditional mitigation-focused tools.

Chainkit by PencilDATA solves this problem by creating irrefutable chains of custody for data, infrastructure, and code using proven distributed ledger math. Establishing irrefutable data custody slashes dwell times and interrupts the attack chain the moment intruders attempt to establish command and control and/or tamper with data. As a result, organizations benefit from unprecedented early visibility into previously invisible break-ins. 

Today, I’m pleased to share the availability of Chainkit for Splunk and Chainkit for Elastic, which apply PencilDATA’s distributed ledger-based event log authentication against adversarial anti-forensic techniques used in most successful cyber attacks. Empowering security analytics systems to see the 39% of stealth attacks in real time changes the attack damage equation from incident response and recovery to incident containment, resulting in millions of dollars saved per customer. Chainkit is like a time machine that allows security analysts to catch hackers as they enter the organization instead of well after the point of breach.

Chainkit’s integrations for Splunk and Elastic enable organizations to comply with ISO 27000, NIST 800, and SOC 2 requirements to protect event logs from the anti-forensic techniques that hackers deploy to hide their tracks once inside a network. They enable managed security providers, government agencies, Global 2000, Fortune 500, and mid-sized enterprise customers to uncover the stealthiest of attacks and reduce threat dwell times while meeting compliance requirements for automating forensic-class audits and continuously thwarting hacks. 

Chainkit gives organizations a scalable way to enforce mandated privacy and security controls for logs, data, and systems at the most granular level ‒ down to individual file words, data cells, log lines, and source code. Due to the historic lack of commercially available solutions addressing anti-forensic log tampering, auditors have given organizations a pass on specific sections of security audits despite the mandates, namely Section 12.14 of ISO 27001, which requires the use of anti-forensic tools to prevent log tampering. From 2020 onwards, organizations can adopt Chainkit to update their compliance posture for these sections before auditors suspend certification, which would hold up most digital business operations.

We are thrilled to announce that Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, has added Chainkit to its solution suite, which simplifies IT procurement for US federal, state, and local agencies that prefer a one-stop shop for their technology needs.

As additional momentum, I’m happy to share that PencilDATA is joining the global CyLon accelerator program, which invests in the top cybersecurity startups from around the world. I look forward to spending time with the team and its broader network to grow our customer base and arm them with the tools they need to find and stop stealth-mode threats before they cause breaches that draw regulatory fines and reputational damage. 

Here’s to the next chapter! 
