Federal Tech Podcast: Ep. 164 What is Proactive Cyber Security?
NetSPI Chief Product Officer Vinay Anand was interviewed by John Gilroy of Federal Tech Podcast. They discuss what proactive security is, the ins and outs of penetration testing as a service (PTaaS), and dive into NetSPI’s latest acquisition of Hubble’s cyber asset attack surface management (CAASM) technology. Listen to the episode below or online here.
+++
The volume of cyber attacks on federal organizations has gotten to the level that traditional methods have lost their efficacy. If you merely react to an intrusion, the malicious actor has gotten what he wants and has left.
Today, we sat down with Vinay Anand, the Chief Product Officer for a company called NetSPI. Back in 2001, they were founded to improve server, network, and application penetration services. Their initial offering of penetration testing has become so successful that it is being used by nine out of the top ten banks in the United States.
Over the decades, they have learned that true security went beyond penetration testing. They had to take a more initiative-taking approach.
For example, the attack surface back in 2001 was minuscule compared to what is happening today. Covid has encouraged remote access, sensors are everywhere, and cheap storage has allowed malicious actors the opportunity to place code in unimaginable places.
A tech leader must be able to identify and protect the unknown. The first step is to protect the external-facing network and the internal network.
“We discover issues . . . we prioritize them . . . we help them remedy it We do this using multiple mechanisms. we have products, we have platforms, we have people We have trained 250 consultants . . these are the people who have developed deep expertise developed deep expertise in areas of the estate ” – Vinay Anand, NetSPI
The internal aspects can be controlled by tools classified as Cyber Asset Attack Surface Management analysis. The external system can be examined by an External Attack Surface Management system as well.
That may be a terrific beginning, but this knowledge must be augmented while simulating an attack. NetSPI can assist an agency in developing an attack plan and narrative. That way, they can understand their risk profile and optimize methods to recover from an attack.
During the interview, Vinay Anand gives a terrific overview of the development of different methodologies behind system protection.
Explore more News
Forbes: What Would Anubis Think Of Modern Day CEOs?
Forbes featured insights from NetSPI’s CEO, Aaron Shilts, on the CEO role. Read the article.
PC Gamer: This 3D printed laser chip-hacking device uses a $20 laser pointer, costs $500 to build, and was developed so that ‘people can do this in their homes’
Read the story of NetSPI's Sam Beaumont and Larry "Patch" Trowell created a laser hacking device (RayV Lite) that makes microchip exploitation easier.
WIRED: A $500 Open-Source Tool Lets Anyone Hack Computer Chips With Lasers
In an exclusive with WIRED, NetSPI’s Director of Transportation, Mobility, and Cyber Physical Systems, Sam Beaumont, and Director of Hardware and Embedded Systems, Larry “Patch” Trowell, explain a new laser hacking device they’ve created, RayV Lite. This device will be presented at Black Hat USA. Read the preview below or view it online. +++ IN […]