Secured organizations are relatively protected against cyber attacks on their networks, applications and data infrastructure. These organizations have implemented multi-layered security infrastructures that include firewalls, IDS, IPS, email security, endpoint security suites and others that block most known cyber attacks both from the outside and inside.
However, very few organizations are focused on peripheral hardware devices as attack vehicles for penetrating their infrastructure and stealing sensitive information. Most believe they have done all they can to protect themselves with 100 percent visibility into their systems. And while securing software is a major part of an active defense, it’s not enough. Cyber criminals are using hardware – malicious peripheral devices — as attack tools, compromising them before they are delivered, using insiders to bring them in, or tampering with them after installation and during upgrade processes. There is no way to control each employee working environment, subcontractor, component supplier, distribution channel and carrier, integrator and installer. All of them can be the attacker or serve as the attacker’s entry point. The innocent-looking device on your desk may be your biggest security threat.
THE SEPIO SOLUTION
Sepio’s security suite is currently the first solution available that identifies and blocks malicious hardware devices before they can cause any harm. The suite stops rogue hardware before it damages normal operations or degrades system performance.
The Sepio three step solution:
- Detects by comparing expected vs. actual behavior based on the whitelist rules engine
- Blocks any illegal device or activity across the organization
- Reports to the existing SIEM and to the cloud service
- Full visibility of all connected devices
- Discovery of ghost network devices
- Device capabilities and behavior analytics
- Alert and block any usage breach or attack attempt
- Granular security policies at the device level
- Cloud-based threat analysis and early warning