TL; DR: Sepio Methods, founded in 2016, is pioneering the components access control (HAC) space using a platform that provides best visibility, policy enforcement, and also rogue device mitigation (RDM). The perfect solution is uses physical-layer fingerprinting, equipment learning modules, and a threat intelligence database to totally protect customers against hardware-based assaults. Through these innovative technology, Sepio aims to aid businesses, manufacturers, and authorities agencies worldwide operate inside lower-risk server and community environments.
Although fabulous headlines suggest otherwise, cyber security defense has continually grown stronger within the last decade, making it harder for cybercriminals to accomplish their goals. Solutions now exist to guard against various software-based strategies, including denial-of-service attacks, spyware and adware, phishing, and ransom ware.
Disappointed with such defense methods, many malicious actors have found alternative paths to electronic digital assets via hardware-based strike tools. In 2018, as an example, a telecommunications company inside the U. S. fell victim with a nation-state supply chain strike executed through hacked motherboards inside servers.
Fortunately, one Israel-based security company is improving to the plate using a hardware access control (HAC) platform built to protect customers from these kinds of emerging threats.
“The mission with the company is to guard enterprises and organizations against rogue devices by providing visibility, control, and mitigation, ” said Yossi Appleboum, TOP DOG at Sepio Systems. “While all others is focusing on system activity, we’re focused around the existence of the system. ”
Sepio’s HAC-1 program safeguards customers from hardware-based assaults using machine learning web template modules, a threat intelligence databases, and physical-layer fingerprinting. The particular hardware fingerprinting technology pinpoints managed, unmanaged, and invisible network devices undetectable to be able to other security tools.
HAC-1 provides numerous use cases around industries, including healthcare, producing, the Internet of Items (IoT), financial services, store, and government agencies. Because the first rogue device mitigation (RDM) provider of the kind, Sepio’s goal is to be able to lead the charge in fully protecting many customers against hardware-based assaults.
Providing Thought Leadership inside Hardware Access Control
Sepio has been founded by Yossi, Iftah Bratspiess, Greg Poch, and also Bentsi Benatar in 2016, nevertheless the founding team worked together for greater than 30 years.
“My executive team and also I started our cybersecurity careers inside the Israeli intelligence community, ” Yossi mentioned. “We built a number of cyber security companies before getting out of them quite successfully. Next we launched Sepio, which can be now five years outdated. ”
“The ability to find yourself in your outward infrastructure now is easier than ever today because the know-how exists for bad actors, ” Yossi mentioned. “You can see that with all the U. S. government’s knowing of the issue with Cina compromising hardware supply restaurants. ”
The emerging trend can be evidenced by the Heart for Internet Security (CIS) handles — a prioritized set of its best practice suggestions for computer security. The 1st guideline, CIS Control 1, is targeted on actively managing all hardware devices over a network while preventing unauthorized and also unmanaged devices from getting network access.
“If this are not a big issue, it wouldn’t be listed beneath the first item in the particular CIS critical controls, ” Yossi mentioned. “They want to raise awareness because you can find not enough solutions because of this problem. This is where we believe we provide the many value because our approach is unique. ”
Accolades from Gartner, Frost & Sullivan, and DRAW Cyber
Hardware-based attacks will simply become more common since technologies like 5G wireless as well as the Internet of Things (IoT) gain prominence and offer additional attack paths. Gartner quotes that by 2021, greater than 25 billion IoT endpoints will probably be installed, with an IoT industry valuation reaching $3. 9 trillion.
Yossi told us the existing IoT security companies in the marketplace can be divided directly into two main groups.
“There are companies that make an effort to secure the IoT system itself, and there are other ones that make an effort to protect the organization in opposition to rogue devices, ” this individual said. “The problem is that those who try to protect the organization making the effort to apply the traditional community security methodologies to hardware-based assaults. ”
These traditional approaches don’t recognize devices that aren’t causing the network — including passive units utilized to exhilarate data. Sepio’s HAC-1, alternatively, provides total visibility over-all network hardware, whether connected being a peripheral or a community element. The software can recognize hardware used to impersonate individual interface devices (HIDs).
“We don’t must see traffic or analyze what’s taking place inside the network to learn what’s there, ” Yossi discussed. “It’s a holistic solution that delivers full control and awareness of outer infrastructure. ”
Sepio’s distinctive value proposition has recently attracted attention from analysts for instance Gartner, Frost & Sullivan, and also TAG Cyber. Gartner, as an example, recognized Sepio in the April 2020 Cool Distributors in Cyber-Physical Systems Safety report.
“Gartner and other analysts recognize that what’s being provided in industry today just isn’t sufficient to protect organizations from your growing number of criminal devices, ” Yossi mentioned.
Tools for Networking, Safety, and Procurement
Sepio’s HAC-1 solution empowers IT teams to get almost immediate hardware visibility in every server and network surroundings.
“We save them time and money around the networking side, ” Yossi mentioned. “Deploying the tool inside huge organizations takes simply hours, and after this, visibility is achieved over the following day. In addition compared to that, the reporting capabilities inside system can change just how an organization operates — you’re not necessarily calling 10, 000 folks and asking, ‘Did you connect something for the network? ’”
That visibility also helps it be easier to patch switches and routers utilized to connect servers within the particular network. Of course, around the security side, the power to see, report on, and assess the risk of outer facilities is priceless.
“The problem with security is not only the risk itself, nevertheless the uncontrolled risk, ” Yossi mentioned. “If you can see every one of the risks, there may be some you determine to live with. But no less than you can assess these. ”
HAC-1 also provides benefits with regards to procurement. Yossi told us that all large organization is now afflicted by vulnerabilities in their offer chains. Malicious actors are more and more creating spoof devices built to penetrate organizations or swindle customers financially.
“Everyone saw what happened with SolarWinds around the software side, ” this individual said. “The hardware side can quickly become a nightmare. You will need something inside your organization that will identify knockoffs. ”
Upcoming Plans to Expand Alliances together with Outside Vendors
Sepio has exciting plans inside the works for the the rest of 2021 and over and above. This year, the business will introduce partnerships together with outer infrastructure vendors.
“We’re going from supporting customers only to supporting vendor partners so customers can control their offer chain and security posture in a fashion that closes the loop — from your design phase of the project before the item comes to the door. We will introduce the initial alliance later this yr. ”
The company is also planning to spotlight looking inside individual calculating environments. Yossi said many vendors that individuals assume manufacture parts in the us are merely assembling them inside country.
“We have almost no power to control that as a society — not forgetting the ability to verify not merely one unit, but these, ” he said. “Our technology should go from just looking with interfaces to looking in the computing environment, using big data and machine learning how to detect anomalies within a big organization. ”
Finally, the business is working on Wireless security for remote functioning environments. “It’s one thing to own wifi security for your working environment building. It’s a totally diverse challenge when we’re talking about working at home,