Security Market Segment LS
Monday, 25 November 2019 08:47

Threat Intelligence aims to disrupt industry with Evolve

Threat Intelligence managing director Ty Miller Threat Intelligence managing director Ty Miller

The locally-developed Evolve security platform reduces costs via automation.

Australian IT security consultancy Threat Intelligence's goal is "to disrupt the security industry," managing director Ty Miller told iTWire.

Large enterprises have been able to spend millions of dollars on securing their systems with firewalls, intrusion prevention systems and so on, but other organisations have lagged behind.

Consequently, attackers turned their attention to smaller organisations that could act as stepping stones to the real targets.

What was needed, Miller said, was a security system that was affordable for everything from small businesses to enterprises.

Hence the company's Evolve service, which automates five top security issues – compromised accounts, penetration testing, incident response, security infrastructure orchestration and cyber threat intelligence – and is offered on a subscription basis with usage-based pricing.

Evolve, said to be the world's first dedicated security automation cloud, reduces security risks and cuts security costs by up to 95%, the company claims.

"We have launched Evolve to help individuals and enterprise respond to the global issue of escalating threats and attacks by parties with unlimited capabilities and funds. Traditional security operations are no longer effective and Evolve is designed to address the current gap in automated security offerings," said Miller.

"Evolve also has a unique capability to orchestrate whole environments on the fly, making it easier to respond to rapidly evolving security needs. Our goal is to make automating security operations easy and only pay for what you need, when you need it. We are able to reduce security costs by up to 95% for a broad range of clients."

Checking for compromised accounts is a good starting point. Apart from the possibility of corporate data being stored in an external service, there may be a pattern to an individual's passwords – or worse still, password reuse – that could allow access to internal systems.

"Compromised accounts are the number one way most organisations are breached. Our automated compromised account monitoring is the most comprehensive and up to date solution to have your business stay on top of this ongoing issue," said Miller.

Without automation, staying up to date is challenging. 150 million compromised accounts were added to the list in the last three weeks, he noted.

Clients start by registering their Evolve account free of charge, and then select the tools they need from the marketplace, paying only for what they use and when they use it. For example, some organisations might use compromised account monitoring on a continuous basis, while others on tight budgets might use it a few times a year to allow the expenditure to be redirected to other aspects of security.

Traditional approaches mean it typically takes three to six months to plan and implement security controls, Miller told iTWire, but the Evolve marketplace makes it possible to build cloud-based security infrastructure in 10-15 minutes. This costs less and allows organisations to start automatically detecting problems sooner.

Usually, a small security budget means a small team with no deep technical experience, he said. "They're just there to fight fires."

So Evolve automates detection and response, Miller explained. For example, when malware is detected the system collects the evidence, analyses it, and determines suitable actions such as shutting down the affected machine and scanning the rest of the environment for the same attack. Evolve includes a mechanism for getting human authorisation via Slack or other channels before taking automated actions.

Penetration testing is normally an expensive activity, so it is rarely performed every time changes are made to systems. Evolve's automated approach is priced so organisations can test across as many IP addresses as they wish, he said. Furthermore, the recommendations made are prioritised according to the likelihood of an attack.

"It gets very technical," he said, but reports and executive summaries can be generated easily.

Threat Intelligence Evolve Automated Penetration Testing Dashboard

A one month subscription for Evolve penetration testing costs between 5% and 10% of a single traditional test, said Miller, so it can be used on an ongoing basis. It is important to test regularly, as new vulnerabilities keep appearing and Evolve uses the latest exploits in every test, Miller explained.

"Previously we scheduled annual security reviews to help contribute to our check of what was happening in the business. However, that only gave us a point in time perspective. Even if we were secure everyone understands that changes happen quickly in relation to IT security," said the CTO of a professional services organisation that uses Evolve automated compromised account monitoring, automated external infrastructure penetration testing and automated internal infrastructure penetration testing.

"The benefit of Evolve and incorporating an automated security platform into our business means instead of annual penetration tests, we are conducting weekly penetration tests. It's easier to stay on top of our security requirements and not only do we understand our security posture, Evolve is providing further automated actions based on these results. It's a key step in the constant improvement of the IT security for the organisation."

A 30-day free trial of Evolve automated compromised account monitoring is currently available.

WEBINAR event: IT Alerting Best Practices 27 MAY 2PM AEST

LogicMonitor, the cloud-based IT infrastructure monitoring and intelligence platform, is hosting an online event at 2PM on May 27th aimed at educating IT administrators, managers and leaders about IT and network alerts.

This free webinar will share best practices for setting network alerts, negating alert fatigue, optimising an alerting strategy and proactive monitoring.

The event will start at 2pm AEST. Topics will include:

- Setting alert routing and thresholds

- Avoiding alert and email overload

- Learning from missed alerts

- Managing downtime effectively

The webinar will run for approximately one hour. Recordings will be made available to anyone who registers but cannot make the live event.



Security requirements such as confidentiality, integrity and authentication have become mandatory in most industries.

Data encryption methods previously used only by military and intelligence services have become common practice in all data transfer networks across all platforms, in all industries where information is sensitive and vital (financial and government institutions, critical infrastructure, data centres, and service providers).

Get the full details on Layer-1 encryption solutions straight from PacketLight’s optical networks experts.

This white paper titled, “When 1% of the Light Equals 100% of the Information” is a must read for anyone within the fiber optics, cybersecurity or related industry sectors.

To access click Download here.


Stephen Withers

joomla visitors

Stephen Withers is one of Australia¹s most experienced IT journalists, having begun his career in the days of 8-bit 'microcomputers'. He covers the gamut from gadgets to enterprise systems. In previous lives he has been an academic, a systems programmer, an IT support manager, and an online services manager. Stephen holds an honours degree in Management Sciences and a PhD in Industrial and Business Studies.



Recent Comments