Acalvio Addresses Security from Inside Out
The numbers vary from study to study, but according to Acalvio, threats reside on your network for 200 days before you know they are there. Why is this? Well, the traditional approach to security has been building a bigger wall; however, once an intruder is in, there is no system in place within the network to protect operations.
Funded by some of the top names in Silicon Valley, Acalvio comes to the table with a simple mission. Instead of addressing the “locks on doors,” it is serving as a “motion detector,” Co-founder and CEO Ram Varadarajan explained at Editors Day Silicon Valley.
Varadarajan continued to highlight that far too many firms expect the perimeter wall to keep bad actors out. However, when this doesn’t work, what is an enterprise to do?—especially when the enterprise is not aware of the penetration. Varadarajan noted this is where a complimentary product – like a “motion detector” in your ADT array – can help keep your data safe.
In an IT environment where attackers are all over the map, history does not predict the future. So, when IT creates threat profiles, they can be error prone because lots of actions look suspicious, Varadarajan illustrated. He continued, “It easy to miss legitimate threats,” so the team at Acalvio made a departure from traditional security strategies. It took two technologies: deception tech and data science.
Acalvio will deploy a group of decoys, with the idea being that credible users would have no reason to mess with the decoys because they shouldn’t even know they exist – creating a way for the “anomaly to announce itself.” Prior to deployment, the firm utilizes data science to select the best places in the network to deploy its decoys.
In addition to leveraging data science for placement, it is also aiding in creating better deceptions, then processing the results of the deceptions. Deception tech has been around for a long time, Varadarajan explained, “from nature to the military,” but “in IT it has been very sparsely used, even though it’s shown success.” Varadarajan noted this is due to several factors including deployment, setup and general questions in regard to the process.
The beauty of this approach is that when a decoy is attacked, you want the bad guy to stick around. “Put him into Wonderland,” says Varadarajan, and see what he is actually trying to do. Once a sensor is touched, pull out the SIEM and see the attacker’s path.
This method is not limited to the IT environment, as it can easily be utilized in the IoT. In a time where technology is more pervasive than ever, and continues to proliferate its presence in our lives, there’s certainly nothing wrong with choosing safe over sorry.
Acalvio has a brief yet effective history, a 15 month old startup is serving up security in a way few have done. Security needs to be front of mind, but too many firms are stuck making the same mistakes over and over again – I believe that’s the definition of insanity, I could be wrong. As Varadarajan put it, “Everybody knows to buy a lock, everyone knows to buy a firewall… soon they will know” that is simply not enough.
Edited by Alicia Young