KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
With CYFIRMA's products, you can take a look at your business through the eyes of a cybercriminal. But to know what they know, they need to take steps into the dark side of the World Wide Web. Osman interviews Kumar Ritesh from CYFIRMA about their work on the Dark Web.
With CYFIRMA's products, you can take a look at your business through the eyes of a cybercriminal. But to know what they know, they need to take steps into the dark side of the World Wide Web. Osman interviews Kumar Ritesh from CYFIRMA about their work on the Dark Web.
Hello everyone. My name is Osman. I am part of Kuppinger call. And today we are having the third day of EIC, 2022. And today I am at Kumar from SEMA and we are gonna have some delightful conversation about their products and then let's see what they offer us. Thanks very much for having me here. Osman. It's great to be here. Yeah. Thank you. So my first question is I know that you have this two main product. One of them is being decipher and then the other one is detect.
Could you maybe give us some brief information about them and how you manage doing the, the external trend landscape management? No, it's a great question.
And it's, it's very close to our, our heart. So the way to look at, look at us, what we do is external threat landscape management, where we give a complete comprehensive view of your external threats and risk. The way to look at our two products. If you look at decipher, decipher is our enterprise grade product meant for enterprises and under decipher, we deliver all six pillars of external threat landscape management.
These six pillars are your external attack, surface management, vulnerability intelligence, brand intelligence, your distal risk production, situational awareness, and cyber intelligence. We combine all six into one platform and we deliver a complete view of your external threat landscape and the, and the way to look at our decipher platform in a simple way is we tell you how good or bad you look like from outside in perspective. And we will also tell you who are some of those adversaries who are looking at potentially attacking you? Why are they looking at attacking you?
What do they want from you? When can they attack, how are they gonna attack? So we give you the complete schematics of threat management. Whereas if you look at detect, detect is an entry level product, we call it as a digital discovery and production product. We cover only first four pillars of, of external third landscape management as part of detect. So we start our journey with external attack, surface risk management. We go into vulnerability intelligence to brand intelligence, to distal risk production.
We combine those four pillars and we deliver you a very simple sort of outcome to tell you like how good or bad you look like from outside in perspective. Yeah, that's great. Okay. Thank you very much. And I know for a fact that you have this solution, duct web monitor, duct web monitoring, and I think it's one of the unique features of external threat landscape management. And do you actually offer this in both of this products you have? So there are like four clear values which we deliver to our clients using our platform.
One, we are the only platform which delivers complete comprehensive view of your external threats and risk using our six pillars or using our four pillars using our platform. We give you a complete contextual detail of how a cyber criminal is, is looking at potentially attacking you. What are some of the assets which they're looking at breaking into You, take their perspective Actually, yeah.
Is, is, is your brand matter of interest for them is your distal profile, very partisan nature, which they can use to, to capitalize and get into the organization. We tell you like what is going on in your industry, your technological attack, your geolocation from where you're operating from. And finally, we combine that with, you know, our intelligence capability to tell you very specifically, who are those cybercriminal groups who are looking at attacking you?
What are some of the hacking campaigns there running against you and what is their real interest and how are they gonna be breaking into, into, into the organization? So contextual detail plays a very, very important role. The third unique value which we deliver to our client is our ability to predict upcoming cyber attacks.
Now, this is very unique to us. And one of the reason why we are able to do that is our ability to actually look at how good or bad you look like from outside in perspective, taking your attack surface view, taking your vulnerability view, taking your brand view, and as well as your distal risk view. And combining that with intelligence is to what adversaries are looking at doing to you. So we deliver actually our ability to sort of predict upcoming cyber attacks towards you. And we call it early warning in our, our case. And we have been super successful there.
The fourth area of, of uniqueness is the quality of data which we collect. And we collect like data from dark web. We have very specialized ways of collecting data from dark web deep web surface web social platforms. And I think it's a quite nice explanation, at least from my side. And I know for a fact that nowadays most of the organizations are spending too much on their cybersecurity, but still there is this gap and then they still have to improve their cyber defense systems.
But I think what you say is a really good way of explaining how you can actually take a proactive approach while you are taking measures against cyber attacks. And I think attack surface is what this cyber hackers are targeting you. And then this is where you maybe start taking those Proactive measures. Yeah.
Like, you know, it's a great point. You made look at like traditional cybersecurity controls and the traditional cyber posture management.
You know, we have been so inward looking. Most of the tools, if you look at outside, generally they will get installed into your enrollment.
They will, they will wait for animaly to happen. And then they take corrective actions based on it. Now something has to happen for those tools to react.
Now, what we have done in, in our approach, we have taken actually the whole Genesis of this to the source of the problem. And the source of the problem is cybercriminals source of the problem is adversaries source of the problem is how they're looking at actually coming and attacking you. So we call it as path, path of attack. And going back to your point of attack, surface management, we kind of consider your attack surface being the path, which cybercriminals will potentially use to come and attack you.
So these are your doors and windows, which cybercriminals can potentially use to break into your organization. So it's super important for you to have that visibility and real time visibility of that. And how do you then go about combining that with what are some of the weaknesses you are carrying is, is your brand is, is, is super important for cyber criminals from, from their aspiration perspective.
You know, your distal footprint is super porous. And if it is very porous in nature where your identity information is already out, your confidential files are already out. You without realizing it, cybercriminals can use those, those actually assets to come and, and open your doors and windows. They don't have to actually break anything cuz if your identity information is already leaked, they don't require to actually sort of go and break into your, your vulnerabilities on your attack surface.
And then combining that with your kind of what is going on in your industry from cybercrime perspective and as, as a cyber posture management, I think you need to have that sort of visibility and combining with, you know, how, why, what, when and how, which plays a very, very important role. So our approach has been, how do we give, you know, a external view adversary view to organization as to how they look from outside end perspective, because it's super important for you to understand what you are up against.
See, we can all go build walls after walls, but as we know, every possible walls of cybersecurity, defense cybercriminals have overcome those exactly, which means you need to know your adversaries, their as strength, their weaknesses, and you as well has to know, know your strength and weaknesses and how do you actually bring them together to have a better defensive strategy. And that's what we deliver using external threat landscape management. That's perfect. And I think that one of the unique features of external trend landscape management is dark web monitoring.
And I know for a fact that that not all the vendors offer that solution as a solution. And could you maybe give us some information because I've realized that you pointed out the D web and dab monitoring, maybe you could you maybe go more in detail and then tell us how you actually monitor the dark web. And how often do you do that? Or maybe how do you success it in general? Sure.
And, and the way to look at this is like look at, from our data source perspective, right? We are looking at your surface web, which is internet, what you and I see, we are monitoring that we are monitoring social platforms. We are monitoring deep web. We are monitoring dark web and these are our data sources. But specifically if you go into dark web, you have two layers of dark web. And I'm very sure, you know, this will be a very interesting topic for, for your audience.
You know, you have a public part of a doc web where you can use a specialized tools to jump into the doc web and you can collect data from that. You have a private part of a doc web as well. So these are like private communities. These are language specific communities. These are cyber criminal groups who have created these private channels, which is very, very hard to get into. Now what we have gone about doing, we have created this, this network of virtual agents. We call them as a, you know, our 900 virtual agents. These are agents which mimic human beings.
They, they go in, they will first look at well, first of all, the public part of dark web, right? That's relatively simpler to collect information from. So we will look at well, what are some of the new channels which has been created on the dark web and is, are those channels matter of interest for us? Are we seeing any threat information there on those channels? Are we seeing any potential data leak information out there, or are we seeing any interest in those conversation on the public part of the dark web related to cyber crime?
And as soon as we see that our virtual agents will actually collect that information and will bring it back to our centralized analytical platform, you have the private part of dark web, which is, which is, I would say our core strength, our ability to, first of all, understand where are those private channels and who are managing those private channels, gives us a strength there and, and is a clear differentiator of ours than most of the player out there.
Our ability to, first of all, find out those private channels, languages, specific channels, cybercrime communities, number one, number two, to very quickly understand who are the participant of, of those channels, right? And do they have a historical background of orchestrating cyber crime? Do they have a historical background of raising a cyber attack? Have we seen them as part of any cyber crime campaign? So we do a lot of actually attribution there. Then we have a specialized way of actually injecting ourself into some of those private channels. And these are very specialized way.
We have built 128 different techniques, which we use to jump into some of those private conversation. And we don't actually engage ourself with cyber criminal groups, but our motive is to really actually, you know, collect information from their conversation, bring it back to our centralized platform and then run our analytical engines to give a proper comprehensive sort of, you know, insights to our client and customers.
I think it's quite interesting to see that how our measures against cyber attacks are developing and then how deep we can go and then how actually effectively fight against them. And I think this proactive measures that we are taking us quite important, and that's gonna take us to a next step. This is my personal opinion. Yeah. So thank you for joining us today. And it was great to have you here and get know more about you and your company and then your product. And I wish you are really a good day and thank you so much. Thank You. Thanks. Usman.
Yeah, I see. Thank you. Thank you. Thank you very much for listening us.
