The Good, the Bad and the Ugly in Cybersecurity – Week 9

The Good

Back in November we reported on the formation of the ByteCode Alliance, a joint venture involving Mozilla, Fastly and others, to build security components on top of the WebAssembly project. This week, Firefox announced RLBox, in part born out of the fruits of that joint project. RLBox allows Firefox components to run code inside a WebAssembly sandbox, protecting the host OS from any unknown vulnerabilities. The technology will come to Linux users in Firefox 74 and macOS in Firefox 75. Windows support will arrive “soon after”, according to Mozilla.

That’s not the only update Mozilla have been working on as they continue to impress by adding security features to their Firefox browser that should really make a difference. This week, the browser was also updated with a new encrypted-DNS service for US-based users. The encrypted DNS over HTTPS (DoH) protocol will ensure that DNS lookups are not snooped on by 3rd parties, such as your ISP, some of whom have been up to no good by selling customers’ real-time location data and delivering targeted ads without consent.

The Bad

There’s been a lot of headlines this week about kr00k, aka CVE-2019-15126. This is a vulnerability in Broadcom and Cypress Wi-Fi chips that could allow unauthorized decryption of some WPA2-encrypted traffic and which is said to affect over a billion devices. An attacker would need to be in Wi-Fi range and would only be able to capture a limited amount of traffic. Even so, that could represent a serious leak, particularly if the underlying communication was not itself encrypted (e.g., such as using http rather than https, or chat apps that do not encrypt messages prior to transmission). 

Among many devices vulnerable to the flaw, at least 14 Cisco products are said to be affected. The networking hardware giant says it is actively working on patches and that there is no workaround. Apple users on iOS 13.2 or above and macOS Catalina 10.15.1 or higher have already received patches several months ago. 

The Ugly

As we predicted, Maze ransomware has started a trend among fellow cyber criminals, who’ve caught on to the enticing prospect of ‘naming and shaming’ victims to add extra incentive to pay. Now, DoppelPaymer have added themselves to the list of ransomware operators who are doubling up on this new twist in the extortion racket. Aside from Maze and now DoppelPaymer, Sodinokibi and Nemty are also intent on playing the shame game. 

To that end, DoppelPaymer ransomware operators have this week published their own “Leaks” site, listing victims who have been attacked along with details of infected machines and sample files. For one recent victim, the site claims to have compromised 1438 devices.

The attackers have recently added 3 more victims to the original 4 published when the site went up earlier this week, and the signs are that the number will continue to increase. According to reports, the operators have themselves stated that they plan on performing more data exfiltration now that they have created their own leaks site. The site’s URL, which we’ll refrain from publishing here, is helpfully tagged by most browsers as being a dangerous phishing site, so that should help to keep most of the general public away. Unfortunately, that won’t stop the data being shared with other criminals, who will be only too interested in exploiting it any way they can. 

This kind of technique only adds to the dilemma for victims of ransomware as to whether they should pay or not pay, and underscores the need to ensure cybersecurity 101 for every organization: get protected before you get pwned


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

DocuSign acquires Seal Software for $188M to enhance its AI chops

Contract management service DocuSign today announced that it is acquiring Seal Software for $188 million in cash. The acquisition is expected to close later this year. DocuSign, it’s worth noting, previously invested $15 million in Seal Software in 2019.

Seal Software was founded in 2010, and, while it may not be a mainstream brand, its customers include the likes of PayPal, Dell, Nokia and DocuSign itself. These companies use Seal for its contract management tools, but also for its analytics, discovery and data extraction services. And it’s these AI smarts the company developed over time to help businesses analyze their contracts that made DocuSign acquire the company. This can help them significantly reduce their time for legal reviews, for example.

“Seal was built to make finding, analyzing, and extracting data from contracts simpler and faster,” Seal Software CEO John O’Melia said in today’s announcement. “We have a natural synergy with DocuSign, and our team is excited to leverage our AI expertise to help make the Agreement Cloud even smarter. Also, given the company’s scale and expansive vision, becoming part of DocuSign will provide great opportunities for our customers and partners.”

DocuSign says it will continue to sell Seal’s analytics tools. What’s surely more important to DocuSign, though, is that it will also leverage the company’s AI tools to bolster its DocuSign CLM offering. CLM is DocuSign’s service for automating the full contract life cycle, with a graphical interface for creating workflows and collaboration tools for reviewing and tracking changes, among other things. And integration with Seal’s tools, DocuSign argues, will allow it to provide its customers with a “faster, more efficient agreement process,” while Seal’s customers will benefit from deeper integrations with the DocuSign Agreement Cloud.

Microsoft’s Cortana drops consumer skills as it refocuses on business users

With the next version of Windows 10, coming this spring, Microsoft’s Cortana digital assistant will lose a number of consumer skills around music and connected homes, as well as some third-party skills. That’s very much in line with Microsoft’s new focus for Cortana, but it may still come as a surprise to the dozens of loyal Cortana fans.

Microsoft is also turning off Cortana support in its Microsoft Launcher on Android by the end of April and on older versions of Windows that have reached their end-of-service date, which usually comes about 36 months after the original release.

cortana

As the company explained last year, it now mostly thinks of Cortana as a service for business users. The new Cortana is all about productivity, with deep integrations into Microsoft’s suite of Office tools, for example. In this context, consumer services are only a distraction, and Microsoft is leaving that market to the likes of Amazon and Google .

Because the new Cortana experience is all about Microsoft 365, the subscription service that includes access to the Office tools, email, online storage and more, it doesn’t come as a surprise that the assistant’s new feature will give you access to data from these tools, including your calendar, Microsoft To Do notes and more.

And while some consumer features are going away, Microsoft stresses that Cortana will still be able to tell you a joke, set alarms and timers, and give you answers from Bing.

For now, all of this only applies to English-speaking users in the U.S. Outside of the U.S., most of the productivity features will launch in the future.

Superhuman CEO Rahul Vohra on waitlists, freemium pricing and future products

The “Sent via Superhuman iOS” email signature has become one of the strangest flexes in the tech industry, but its influence is enduring, as the $30 per month invite-only email app continues to shape how a wave of personal productivity startups are building their business and product strategies.

I had a chance to chat with Superhuman CEO and founder Rahul Vohra earlier this month during an oddly busy time for him. He had just announced a dedicated $7 million angel fund with his friend Todd Goldberg (which I wrote up here) and we also noted that LinkedIn is killing off Sales Navigator, a feature driven by Rapportive, which Vohra founded and later sold in 2012. All the while, his buzzy email company is plugging along, amassing more interested users. Vohra tells me there are now more than 275,000 people on the waitlist for Superhuman.

Below is a chunk of my conversation with Vohra, which has been edited for length and clarity.


TechCrunch: When you go out to raise funding and a chunk of your theoretical user base is sitting on a waitlist, is it a little tougher to determine the total market for your product?

Rahul Vohra: That’s a good question. When we were doing our Series B, it was very easily answered because we’re one of a cohort of companies, that includes Notion and Airtable and Figma, where the addressable market — assuming you can build a product that’s good enough — is utterly enormous.

With my last company, Rapportive, there was a lot of conversation around, “oh, what’s the business model? What’s the market? How many people need this?” This almost never came up in any fundraising conversation. People were more like, “well, if this thing works, obviously the market is basically all of prosumer productivity and that is, no matter how you define it, absolutely huge.”

Notivize makes it easier for non-technical teams to optimize app notifications

A new startup called Notivize aims to give product teams direct access to one of their most important tools for increasing user engagement — notifications.

The company has been testing the product with select customers since last year and says it has already sent hundreds of thousands of notifications. And this week, it announced that it has raised $500,000 in seed funding led by Heroic Ventures.

Notivize co-founder Matt Bornski has worked at a number of startups including AppLovin and Wink, and he said he has “so many stories I can tell you about the time it takes to change a notification that’s deeply embedded in your stack.”

To be clear, Bornski isn’t talking about a simple marketing message that’s part of a scheduled campaign. Instead, he said that the “most valuable” notifications (e.g., the ones that users actually respond to) are usually driven by activity in an app.

For example, it might sound obvious to send an SMS message to a customer once the product they’ve purchased has shipped, but Bornski said that actually creating a notification like that would normally require an engineer to write new code.

“There’s the traditional way that these things are built: The product team specs out that we need to send this email when this happens, or send this SMS or notification when this happens, then the engineering team will go in and find the part of the code where they detect that such a thing has happened,” he said. “What we really want to do is give [the product team] the toolkit, and I think we have.”

Notivize rule

So with Notivize, non-coding members of the product and marketing team can write “if-then” rules that will trigger a notification. And this, Bornski said, also makes it easier to “A/B test and optimize your copy and your send times and your channels” to ensure that your notifications are as effective as possible.

He added that companies usually don’t build this for themselves, because when they’re first building an app, it’s “not a rational thing to invest your time and effort in when you’re just testing the market or you’re struggling for product market fit.” Later on, however, it can be challenging to “go in and rip out all the old stuff” — so instead, you can just take advantage of what Notivize has already built.

Bornski also emphasized that the company isn’t trying to replace services that provide the “plumbing” for notifications. Indeed, Notivize actually integrates with SendGrid and Twilio to send the notifications.

“The actual sending is not the core value [of what we do],” he said. “We’re improving the quality of what you’re paying for, of what you send.”

Notivize allows customers to send up to 100 messages per month for free. After that, pricing starts at $14.99 per month.

“The steady march of low-code and no-code solutions into the product management and marketing stack continues to unlock market velocity and product innovation,” said Heroic Ventures founder Michael Fertik in a statement. “Having been an early investor in several developer platforms, it is clear that Notivize has cracked the code on how to empower non-technical teams to manage critical yet complex product workflows.”

FCC Proposes to Fine Wireless Carriers $200M for Selling Customer Location Data

The U.S. Federal Communications Commission (FCC) today proposed fines of more than $200 million against the nation’s four largest wireless carriers for selling access to their customers’ location information without taking adequate precautions to prevent unauthorized access to that data. While the fines would be among the largest the FCC has ever levied, critics say the penalties don’t go far enough to deter wireless carriers from continuing to sell customer location data.

The FCC proposed fining T-Mobile $91 million; AT&T faces more than $57 million in fines; Verizon is looking at more than $48 million in penalties; and the FCC said Sprint should pay more than $12 million.

An FCC statement (PDF) said “the size of the proposed fines for the four wireless carriers differs based on the length of time each carrier apparently continued to sell access to its customer location information without reasonable safeguards and the number of entities to which each carrier continued to sell such access.”

The fines are only “proposed” at this point because the carriers still have an opportunity to respond to the commission and contest the figures. The Wall Street Journal first reported earlier this week that the FCC was considering the fines.

The commission said it took action in response to a May 2018 story broken by The New York Times, which exposed how a company called Securus Technologies had been selling location data on customers of virtually any major mobile provider to law enforcement officials.

That same month, KrebsOnSecurity broke the news that LocationSmart — a data aggregation firm working with the major wireless carriers — had a free, unsecured demo of its service online that anyone could abuse to find the near-exact location of virtually any mobile phone in North America.

In response, the carriers promised to “wind down” location data sharing agreements with third-party companies. But in 2019, Joseph Cox at Vice.com showed that little had changed, detailing how he was able to locate a test phone after paying $300 to a bounty hunter who simply bought the data through a little-known third-party service.

Gigi Sohn is a fellow at the Georgetown Law Institute for Technology Law and Policy and a former senior adviser to former FCC Chair Tom Wheeler in 2015. Sohn said this debacle underscores the importance of having strong consumer privacy protections.

“The importance of having rules that protect consumers before they are harmed cannot be overstated,” Sohn said. “In 2016, the Wheeler FCC adopted rules that would have prevented most mobile phone users from suffering this gross violation of privacy and security. But [FCC] Chairman Pai and his friends in Congress eliminated those rules, because allegedly the burden on mobile wireless providers and their fixed broadband brethren would be too great. Clearly, they did not think for one minute about the harm that could befall consumers in the absence of strong privacy protections.”

Sen. Ron Wyden (D-Ore.), a longtime critic of the FCC’s inaction on wireless location data sharing, likewise called for more string consumer privacy laws, calling the proposed punishment “comically inadequate fines that won’t stop phone companies from abusing Americans’ privacy the next time they can make a quick buck.”

“Time and again, from Facebook to Equifax, massive companies take reckless disregard for Americans’ personal information, knowing they can write off comparatively tiny fines as the cost of doing business,” Wyden said in a written statement. “The only way to truly protect Americans’ personal information is to pass strong privacy legislation like my Mind Your Own Business Act [PDF] to put teeth into privacy laws and hold CEOs personally responsible for lying about protecting Americans’ privacy.”

Business Email Compromise | What is BEC (And How Can You Defend Against It)?

While ransomware has been making all the headlines recently, criminals have been reaping far more rewards under the radar through Business Email Compromise (also known as ‘Email Account Compromise’), netting at least 17 times more per incident than ransomware. BEC/EAC, a relatively low-tech kind of financial fraud, yields high returns for the scammers with minimal risk. In this post, we take a look at how the Business Email Compromise scam works and how you can defend your organization against it. 

How Serious Is Business Email Compromise?

Business Email Compromise was the number one source of financial loss due to internet related crime in 2019, and by some margin. To put it in context, stats from the FBI suggest that losses due to ransomware averaged out at around $4,400 per incident and totalled just shy of $9 million in the U.S across 2019. In contrast, losses due to BEC were around 17 times higher, at $75,000 per incident, and amounted to a total financial loss north of $1.7 billion for the same period. 

Of all financial losses due to internet crime recorded by the FBI during 2019 – in sum, around $3.5 billion worth – BEC accounted for around 50% of the total. 

image of financial loss according to internet crime type in 2019

What is Business Email Compromise?

Business Email Compromise is a type of fraud in which organizations are tricked into making wire transfers to a third party that they falsely believe is a legitimate external supplier from overseas. 

The scam begins by either compromising or spoofing the email account of an executive or senior manager who is able to authorize other employees, such as those in Finance or Accounts Payable, to make wire transfers. 

The first part of the scam typically involves either a targeted phishing (aka spear-phishing) attack or credential theft through keyloggers. For example, a C-Suite executive may be targeted with a phishing attack that installs a Remote Access Trojan (RAT) to harvest credentials and other useful business information.

After that, the account is used to instruct other employees to complete a wire transfer request from a fake supplier. For example, a spoofed or hijacked account of a C-Suite executive may be used to send an internal email that reads something like the following:

image of example of BEC fraud email

Overseas banks, often in China, are used by the criminals to receive the funds. 

Necessarily, there is an element of social engineering involved as the attackers need to convince someone to push the wire transfer through. Social engineering may also be used in order to steal passwords and compromise or spoof the initial account. 

How Can You Defend Against BEC?

As we’ve seen above, Business Email Compromise revolves around three interrelated factors: email, people, and wire transfers.

Confirm Your Wire Transfers

Your company should always confirm wire transfer requests by some medium other than email: verify the request via a phone call through a known legitimate company number (not one provided in the email), a workplace communication channel like Slack, or even better face-to-face in person or via tele-conferencing software. 

Ideally, your company should put in place a policy for secondary confirmation for wire transfers such that everyone knows the drill. Demands not to initiate communication through any other medium than email (itself hardly a confidential means of communication) should be treated with suspicion.

Enable Multi-Factor Authentication

Protecting your users email accounts from compromise should also be high on your priority list. Although not perfect, 2FA and MFA will prevent by far and away the majority of account takeover attempts. Hardware security keys like Yubikey and others are worth considering for certain use cases.

How to Detect Malicious Emails

Having a strategy to protect your users against malicious emails is the third, and absolutely vital, pillar of your defensive strategy. Email has long proven to be the malicious actor’s best friend. It’s been estimated that anywhere between 80% – 95% of all enterprise attacks propagate through email, so this is definitely where you need to concentrate your efforts. 

Aside from the actual textual content of an email, which can be used to socially engineer individuals to take actions that may be harmful to their own or their organization’s interest, there are two main technical risks associated with emails: malicious attachments and links.

Strategies for Dealing with Malicious Attachments

In Business Email Compromises, attackers may use attachments to run executable code that can drop a RAT in order to install keyloggers, backdoors and other post-exploitation tools to help steal credentials and useful data such as contacts and previous email correspondence. BEC scammers typically spend some time profiling their victims in order to craft content that is as convincing as possible to pull off the social engineering aspect of the scam. For that reason, it’s important that you look at a range of options for preventing attachments from executing code. 

Attachment filtering can be used in a number of ways to help mitigate code execution. For example, email scanning software could be used to change file formats of attachments so that they cannot execute hidden code. 

While this may be effective to a certain extent, it suffers from the drawback that it may prevent users from carrying out ordinary business tasks with documents that need to be edited or returned in their original format. Given that impact, user-resistance could be high.

A better solution would involve content disarm and reconstruction (CDR), which deconstructs the attachment and removes harmful content. This has the benefit of being both highly effective and meeting low user-resistance, since the process is transparent at the user level. 

Dealing with Macros, Archives and Whitelists

It’s also a wise idea to disable or restrict Macros, as many attacks make use of Microsoft Office’s VBA scripting language to call out to C2 servers and download malicious payloads.

Also, ensure that your email scanning software deals with archives properly. Compressed files can bypass some unsophisticated scanning engines if they do not decompress files fully. Attackers have been known to append archive files to other files like images, which some security software might overlook.

Be careful with (or avoid) whitelisting files by extension: it’s a simple trick for attackers to bypass such whitelisting rules by renaming executable files with non-executable file extensions. If whitelisting attachments is a must, at least use a policy that whitelists by file typing – scanning the file to examine its format – to avoid the easiest of bypasses. 

Dealing with Links and Sender Verification

For emails that contain malicious links, one strategy used by some organizations is to defang hyperlinks in emails so that they are unclickable. This forces the user to copy and paste the link into a browser, a conscious process that provides an opportunity for users to pause and consider what they are doing.

Again, however, the issue is that whenever security impacts productivity and convenience, you will meet some user resistance. This security measure has the twin drawbacks of being both inconvenient and fallible, in the sense that introducing the delay still does not guarantee the user will not visit the link, so proceed with this policy with caution.

Another strategy to consider for dealing with emails is sender verification, such as through DMARC and SPF/DKIM. These technologies can help flag up fake sender identities (i.e., spoofed accounts), but they may not help in cases where the account belongs to a legitimate member of an organization but has been compromised by an attacker.

Finally, ensure that you are protecting against both malicious attachments and malicious links by arming your endpoints with an AI-driven security solution that can detect and block malicious code as it attempts to execute regardless of its origin: file or fileless, link or Macro. 

Conclusion

Verifying wire transfers and enabling multi-factor authentication are simple, effective ways to get ahead of scammers intent on Business Email Compromise. On top of that, consider the practicality of the techniques we’ve mentioned above as part of a layered, defense-in-depth approach.

While Business Email Compromise scams target the weakest link – busy staff trying their best to be productive – an automated, behavioral security solution like SentinelOne can also ensure that attempts to install RATs, keyloggers and other malware are stopped in their tracks.

If you would like to see how SentinelOne’s Singularity platform can protect your enterprise from all attacks, including Business Email Compromise, contact us or request a free demo.


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security

London-based Gyana raises $3.9M for a no-code approach to data science

Coding and other computer science expertise remain some of the more important skills that a person can have in the working world today, but in the last few years, we have also seen a big rise in a new generation of tools providing an alternative way of reaping the fruits of technology: “no-code” software, which lets anyone — technical or non-technical — build apps, games, AI-based chatbots, and other products that used to be the exclusive terrain of engineers and computer scientists.

Today, one of the newer startups in the category — London-based Gyana, which lets non-technical people run data science analytics on any structured dataset — is announcing a round of £3 million to fuel its next stage of growth.

Led by U.K. firm Fuel Ventures, other investors in this round include Biz Stone of Twitter, Green Shores Capital and U+I , and it brings the total raised by the startup to $6.8 million since being founded in 2015.

Gyana (Sanskrit for “knowledge”) was co-founded by Joyeeta Das and David Kell, who were both pursuing post-graduate degrees at Oxford: Das, a former engineer, was getting an MBA, and Kell was doing a Ph. D. in physics.

Das said the idea of building this tool came out of the fact that the pair could see a big disconnect emerging not just in their studies, but also in the world at large — not so much a digital divide, as a digital light year in terms of the distance between the groups of who and who doesn’t know how to work in the realm of data science.

“Everyone talks about using data to inform decision making, and the world becoming data-driven, but actually that proposition is available to less than one percent of the world,” she said.

Out of that, the pair decided to work on building a platform that Das describes as a way to empower “citizen data scientists,” by letting users upload any structured data set (for example, a .CSV file) and running a series of queries on it to be able to visualise trends and other insights more easily.

While the longer term goal may be for any person to be able to produce an analytical insight out of a long list of numbers, the more practical and immediate application has been in enterprise services and building tools for non-technical knowledge workers to make better, data-driven decisions.

To prove out its software, the startup first built an app based on the platform that it calls Neera (Sanskrit for “water”), which specifically parses footfall and other “human movement” metrics, useful for applications in retail, real estate and civic planning — for example to determine well certain retail locations are performing, footfall in popular locations, decisions on where to place or remove stores, or how to price a piece of property.

Starting out with the aim of mid-market and smaller companies — those most likely not to have in-house data scientists to meet their business needs — startup has already picked up a series of customers that are actually quite a lot bigger than that. They include Vodafone, Barclays, EY, Pret a Manger, Knight Frank and the UK Ministry of Defense. It says it has some £1 million in contracts with these firms currently.

That, in turn, has served as the trigger to raise this latest round of funding and to launch Vayu (Sanskrit for “air”) — a more general purpose app that covers a wider set of parameters that can be applied to a dataset. So far, it has been adopted by academic researchers, financial services employees, and others that use analysis in their work, Das said.

With both Vayu and Neera, the aim — refreshingly — is to make the whole experience as privacy-friendly as possible, Das noted. Currently, you download an app if you want to use Gyana, and you keep your data local as you work on it. Gyana has no “anonymization” and no retention of data in its processes, except things like analytics around where your cursor hovers, so that Gyana knows how it can improve its product.

“There are always ways to reverse engineer these things,” Das said of anonymization. “We just wanted to make sure that we are not accidentally creating a situation where, despite learning from anaonyised materials, you can’t reverse engineer what people are analysing. We are just not convinced.”

While there is something commendable about building and shipping a tool with a lot of potential to it, Gyana runs the risk of facing what I think of as the “water, water everywhere” problem. Sometimes if a person really has no experience or specific aim, it can be hard to think of how to get started when you can do anything. Das said they have also identified this, and so while currently Gyana already offers some tutorials and helper tools within the app to nudge the user along, the plan is to eventually bring in a large variety of datasets for people to get started with, and also to develop a more intuitive way to “read” the basics of the files in order to figure out what kinds of data inquiries a person is most likely to want to make.

The rise of “no-code” software has been a swift one in the world of tech spanning the proliferation of startups, big acquisitions, and large funding rounds. Companies like Airtable and DashDash are aimed at building analytics leaning on interfaces that follow the basic design of a spreadsheet; AppSheet, which is a no-code mobile app building platform, was recently acquired by Google; and Roblox (for building games without needing to code) and Uncorq (for app development) have both raised significant funding just this week. In the area of no-code data analytics and visualisation, there are biggies like Tableau, as well as Trifacta, RapidMiner and more.

Gartner predicts that by 2024, some 65% of all app development will be made on low- or no-code platforms, and Forrester estimates that the no- and low-code market will be worth some $10 billion this year, rising to $21.2 billion by 2024.

That represents a big business opportunity for the likes of Gyana, which has been unique in using the no-code approach specifically to tackle the area of data science.

However, in the spirit of citizen data scientists, the intention is to keep a consumer version of the apps free to use as it works on signing up enterprise users with more enhanced paid products, which will be priced on an annual license basis (currently clients are paying between $6,000 and $12,000 depending on usage, she said).

“We want to do free for as long as we can,” Das said, both in relation to the data tools and the datasets that it will offer to users. “The biggest value add is not about accessing premium data that is hard to get. We are not a data marketplace but we want to provide data that makes sense to access,” adding that even with business users, “we’d like you to do 90% of what you want to do without paying for anything.”

Google Cloud’s newest data center opens in Salt Lake City

Google Cloud announced today that its new data center in Salt Lake City has opened, making it the 22nd such center the company has opened to date.

This Salt Lake City data center marks the third in the western region, joining LA and The Dalles, Oregon with the goal of providing lower latency compute power across the region.

“We’re committed to building the most secure, high-performance and scalable public cloud, and we continue to make critical infrastructure investments that deliver our cloud services closer to customers that need them the most,” said Jennifer Chason, director of Google Cloud Enterprise for the Western States and Southern California said in a statement.

Cloud vendors in general are trying to open more locations closer to potential customers. This is a similar approach taken by AWS when it announced its LA local zone at AWS re:Invent last year. The idea is to reduce latency by moving compute resources closer to the companies that need them, or to spread workloads across a set of regional resources.

Google also announced that PayPal, a company that was already a customer, has signed a multi-year contract, and will be moving parts of its payment systems into the western region. It’s worth noting that Salt Lake City is also home to a thriving startup scene that could benefit from having a data center located close by.

Google Cloud’s parent company Alphabet recently shared the cloud division’s quarterly earnings for the first time, indicating that it was on a run rate of more than $10 billion. While it still has a long way to go to catch rivals Microsoft and Amazon, as it expands its reach in this fashion, it could help grow that market share.

RSAC 2020 Kicks Off with SentinelOne’s Singularity Platform

It’s RSAC 2020, and as you would expect from a company that puts innovation and customer experience at the heart of everything we do, we are here with a stunning booth that is delighting our visitors. 

image of tweet about SentinellOne being favorite booth at RSAC 2020 conference

The booth at #727 South has a completely digital floor and ceiling, each portraying data entering and leaving our platform; it’s dynamic and changing all the time. In the center, there’s a tree-like structure which symbolizes not only the consolidation of a variety of cybersecurity spaces (EPP, EDR, IoT, CWPP) but also movement of data to and from other solutions into one platform. 

Announcing the Singularity Platform

Did someone mention one platform? Yes, we did! We kicked off the day and the conference with a demonstration of our Singularity platform, an industry-first data lake that seamlessly fuses together the data, access, control and integration planes of EPP, EDR, IoT and CWPP (Cloud Workload Protection) into a singular platform. What this means for our enterprise customers is integrated coverage of every attack surface, offering protection and visibility along with contextualized data right across the enterprise. Our Singularity platform – with one codebase, one deployment model –  provides autonomous protection, automation and threat intelligence from endpoint to cloud.

There’s One Virus That Isn’t Here

With so many AV specialists around, it’s no wonder that the conference is in full-swing, and fears of that other kind of virus, Covid-19, aka the novel Coronavirus, don’t seem to have dampened the enthusiasm of attendees to explore the many fascinating aspects on offer or to explore the offerings from different areas of the world. Among others, Germany, the UK and Israel all hosted national “pavilions” to showcase the capabilities and cyber security solutions of vendors from their regions. 

Sadly, three major vendors including AT&T and IBM did withdraw from the event out of health concerns, but aside from a somewhat quiet China booth, it seems like business as usual for everyone else. 

The Human Element

This year’s conference theme puts the spotlight on ‘the Human Element’ in cybersecurity. With a well-publicised shortage of talent in the industry, it’s more important than ever to recognize the role that good people, not just great technology, play in defending organizations against other people: the bad actors intent on stealing our data, money and intellectual property. 

SentinelOne helps individuals at all levels to grow into and succeed in their role. From giving CISOs peace-of-mind and sparing SOC analysts the evils of alert fatigue, to helping IT staff succeed in defending their networks with a product that does not require complex training or certifications to master, SentinelOne’s easy-to-use console with deep visibility and rapid threat hunting platform is here to help. 

image of mitre indicators

Conclusion

With 500 sessions, and over 700 exhibitor booths at RSAC 2020, it’s practically impossible to take in everything that the RSA Conference has to offer. But if there’s one booth that you are going to want to experience first-hand (the pictures just don’t do it justice), it’s the SentinelOne Singularity booth at #727 South. Come along and say “hi”, snap a selfie under our digital “tree” and learn about what other surprises we’ve got in store for the rest of the week. See you there!


Like this article? Follow us on LinkedIn, Twitter, YouTube or Facebook to see the content we post.

Read more about Cyber Security