NEWS

Cost of Cybersecurity: The Disaster That is a Long-Term Breach

Jeff Peters of HackSurfer reports on the Cost of Cybersecurity: The Disaster That is a Long-Term Breach. Sean Bodmer, chief researcher at CounterTack says
“Their biggest concern is the dwell time, detecting the threat soon enough before it has time to propagate across the network, establish more of a beachhead, additional resilient points,” said Sean Bodmer, chief researcher, counter-exploit intelligence at CounterTack. “That period of catching the threat soon enough before it has time to dwell, that is one of the biggest things they all talk about.” - See more at: http://hacksurfer.com/amplifications/99#sthash.KcGE3LEh.dpuf
“Their biggest concern is the dwell time, detecting the threat soon enough before it has time to propagate across the network, establish more of a beachhead, additional resilient points,” said Sean Bodmer, chief researcher, counter-exploit intelligence at CounterTack. “That period of catching the threat soon enough before it has time to dwell, that is one of the biggest things they all talk about.” - See more at: http://hacksurfer.com/amplifications/99#sthash.KcGE3LEh.dpuf
“Their biggest concern is the dwell time, detecting the threat soon enough before it has time to propagate across the network, establish more of a beachhead, additional resilient points,” said Sean Bodmer, chief researcher, counter-exploit intelligence at CounterTack. “That period of catching the threat soon enough before it has time to dwell, that is one of the biggest things they all talk about.” - See more at: http://hacksurfer.com/amplifications/99#sthash.KcGE3LEh.dpuf
“Their biggest concern is the dwell time, detecting the threat soon enough before it has time to propagate across the network, establish more of a beachhead, additional resilient points,” said Sean Bodmer, chief researcher, counter-exploit intelligence at CounterTack. “That period of catching the threat soon enough before it has time to dwell, that is one of the biggest things they all talk about.” - See more at: http://hacksurfer.com/amplifications/99#sthash.KcGE3LEh.dpuf
the "biggest concern is dwell time, detecting the threat soon enough before it has time to propagate across the network, establish more of a beachhead, additional resilient points. That period of catching the threat soon enough before it has time to dwell, that is one of the biggest things they all talk about."

SCADA Security: No One Wants to Start a War, But They Could

HackSurfer logo"Instead of fixing all their software problems, they're just trying to layer in security in the middle," said Sean Bodmer, chief researcher at CounterTack, in this article by Jeff Peters on HackSurfer: SCADA Security: No One Wants to Start a War, But They Could. Bodmer continues, "Some of these programs and some of these turbines are still running on Windows 98 believe it or not. I saw one a year and a half ago out in Washington state. The cost of these SCADA companies, energy companies, to actually turn off those turbines and do the software upgrade from Windows 98, in 2012 – the last year that I saw it – it costs them so much money they’d rather just wait until it crashes before actually stopping the turbine. It costs millions of dollars to stop and clean and get back going and the load balancing.”

Carberp Source Code Leak Likely To Spawn Malware Variants, Innovation

In Brian Prince's coverage of the Carberp source code leak on Dark Reading, Carberp Source Code Leak Likely To Spawn Malware Variants, Innovation, CounterTack Chief Researcher Sean Bodmer weighs in. Bodmer says "not only was the Carberp code revealed in that .rar, there was also a large amount of Russian banking application code for the BSS thick client, likely exfiltrated from that organization directly. Additionally, there are many other source compilations from bootkit techniques to anti-AV modules, which quickly become a security researcher's goldmine."

Experts Weigh In: Cybersecurity trends 2-3 years down the road?

Jeff Peters asks several security experts "what stands out when you think of cybersecurity 2-3 years down the road?" in this article on HackSurfer: Experts Weigh In: Cybersecurity trends 2-3 years down the road?CounterTack Chief Researcher Sean Bodmer says
“I believe Wi-Fi and wireless in and of itself is going to be one of the biggest problems that we’re going to have to deal with, especially if the FCC implements [it's plan to relieve crowed Wi-Fi networks] across the nation. It’s going to open up so no matter where you are your device can be reached, you can be tracked, and we already have the problems now with cellular tracking. That was a big thing at DEFCON and Black Hat a couple years ago. Well, when they open up all of these phones to Wi-Fi and everyone is walking around with an IP address and driving around with an IP address or jogging around with an IP address, there are a whole bunch of privacy and security concerns.” - See more at: http://hacksurfer.com/amplifications/69#sthash.RP5bOFaY.dpuf
"
“I believe Wi-Fi and wireless in and of itself is going to be one of the biggest problems that we’re going to have to deal with, especially if the FCC implements [it's plan to relieve crowed Wi-Fi networks] across the nation. It’s going to open up so no matter where you are your device can be reached, you can be tracked, and we already have the problems now with cellular tracking. That was a big thing at DEFCON and Black Hat a couple years ago. Well, when they open up all of these phones to Wi-Fi and everyone is walking around with an IP address and driving around with an IP address or jogging around with an IP address, there are a whole bunch of privacy and security concerns.” - See more at: http://hacksurfer.com/amplifications/69#sthash.RP5bOFaY.dpuf
“I believe Wi-Fi and wireless in and of itself is going to be one of the biggest problems that we’re going to have to deal with, especially if the FCC implements [it's plan to relieve crowed Wi-Fi networks] across the nation. It’s going to open up so no matter where you are your device can be reached, you can be tracked, and we already have the problems now with cellular tracking. That was a big thing at DEFCON and Black Hat a couple years ago. Well, when they open up all of these phones to Wi-Fi and everyone is walking around with an IP address and driving around with an IP address or jogging around with an IP address, there are a whole bunch of privacy and security concerns.” - See more at: http://hacksurfer.com/amplifications/69#sthash.RP5bOFaY.dpuf
I believe Wi-Fi and wireless in and of itself is going to be one of the biggest problems that we're going to have to deal with, especially if the FCC implements [its plan to relieve crowed Wi-Fi networks] across the nation. It's going to open up so no matter where you are your device can be reached, you can be tracked, and we already have the problems now with cellular tracking. That was a big thing at DEFCON and Black Hat a couple years ago. Well, when they open up all of these phones to Wi-Fi and everyone is walking around with an IP address and driving around with an IP address and jogging around with an IP address, there are a whole bunch of privacy and security concerns."

Pesky Bug Drags Facebook Shadow Profiles Into the Spotlight

In Richard Adhikari's coverage of Facebook shadow profiles in TechNewsWorld, Pesky Bug Drags Facebook Shadow Profiles Into the Spotlight, CounterTack Chief Researcher Sean Bodmer offers his expert insight. Finding secret shadow files among the data that seem to be analyzed and correlated data points of every user ranging from their real-life details to private information input by members "is shocking, although not surprising," Bodmer says.

Facebook Security Glitch Exposes Millions of Users' Data

Chief Researcher for CounterTack, Sean Bodmer, provides commentary in Jennifer LeClaire's article in Newsfactor, Facebook Security Glitch Exposes Millions of Users' Data, on the recent Facebook security glitch exposing millions of users' data.

CounterTack Bolsters Active Defense Strategy with Scout Knowledge Library 1.0

 Comprehensive Collection of Stateful Compromise Indicators Powers Scout Analytics Engine to Better Understand and Counter Advanced Threats

WALTHAM, Mass. (June 24, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today introduced the Scout Knowledge Library, a robust collection of stateful compromise indicators (SCIs) that correlate behavioral and technical characteristics of advanced threats to provide organizations with rich attack intelligence through conclusive attack evidence.

 With the recent release of Scout 4, CounterTack is taking a dramatically different approach to endpoint protection, providing unprecedented visibility into attackers through its patented Deep System Inspection (DSI) technology. CounterTack enables organizations to detect previously undetectable advanced threats and attacks that most other solutions miss.

 The Scout Knowledge Library is a compilation of SCIs, attack and malware profiles and conditions. Collectively, they serve as the intelligence foundation of Scout’s powerful analytics engine, enabling customers to quickly classify malware and malicious activity based on correlated actions exhibited by the attack.

 “CounterTack’s Scout Knowledge Library gives organizations the ability to quickly and accurately determine the scope of an attack by understanding what type of malware is launched, and what type of process it follows,” said Neal Creighton, CEO, CounterTack. “Correlating malware characteristics through Scout helps enterprises react with confidence to attacks, shortening the gap from detection to intelligence to response, by giving them the ability to know precisely what will happen relative to that specific malware, bot, trojan or condition identified.”

 Based on the breadth of Scout’s real-time monitoring of historical attacker behavior and malware processes, the Scout Knowledge Library’s SCIs can help rapidly classify attacks and provide intelligence on specific tools and techniques associated with threats both known and unknown. These classifications are integrated into Scout 4, where the threat and attack profiles are correlated with attack activity in real-time.

 “CounterTack’s unique approach is to shorten the cycle to remediation for customers impacted by sophisticated threats and persistent malware campaigns,” said Sean Bodmer, chief researcher, CounterTack. “Through our library, we provide the capability to correlate key events and characteristics of malware. A single SCI can detect millions of variants of Zeus, like Ice9 or Citadel, but what matters most are the key characteristics and the modular functionalities of the malware. For example, knowing whether the malware is configured with Remote Desktop Protocol (RDP), Webinjects (secure form login stealer), DDOS, FormGrabbers, or JabberUpdater can help customers quickly identify the motive, intent and capability of a threat — so they react appropriately.”

 In the event that a critical endpoint is compromised, Scout’s real-time analysis identifies files, processes and network activity the attacker is targeting at the OS level on production systems. That behavior is then correlated with indicators in the Knowledge Library to provide conclusive intelligence about the attack.

 The Scout Knowledge Library will be sold as part of base Scout deployments, and updates will be available as part of a subscription model.

 About CounterTack

CounterTack, the industry’s first and only in-progress attack intelligence and response solution provider, was born out of the critical need to develop new security approaches for enterprise and government organizations. The detection gap persists despite massive investments and continuing advancements in security technologies, with cyber attacker innovation outpacing cyber defenses. CounterTack is leading the way on new approaches for deeper security intelligence monitoring and faster attack response.

 To learn more, visit www.countertack.com.  

###

CounterTack Partners with rSolutions to Help Companies Dramatically Improve Attack Detection and Counter Targeted Enterprise Threats

CounterTack Scout to Provide Enhanced Visibility to Help Reduce Attacker ‘Dwell Time’

WALTHAM, Mass. (June 18, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced its partnership with rSolutions, an information security firm that provides a broad range of enterprise security solutions and professional consulting services. rSolutions will be reselling CounterTack’s Scout Solution for advanced threat detection and intelligence.

This partnership will expand rSolutions’ product portfolio and augment its offerings for enterprise customers. The addition of CounterTack’s Deep System Inspection (DSI) technology will help rSolutions customers not only reduce dwell time, but in the process give them access to the critical intelligence they need to better understand and combat advanced, and even unknown, threats. In partnering with rSolutions, CounterTack is expanding its presence into the government, mining and energy markets in Canada.

Security-savvy organizations understand that advanced threats are persistent, rendering many systems as continuously compromised. The more frequently companies are attacked, the more they become prone to follow-up attacks, underscoring the reality that blocking or alerting is no longer good enough. With deep behavioral analysis, CounterTack helps companies actively engage with attackers to defend critical systems at the endpoint.

"At rSolutions, we are constantly looking for unique and innovative solutions to help address our customers' biggest problems," said Richard Baker, managing partner at rSolutions.  "Despite investing in the latest advanced threat detection offerings, our customers have crucial unanswered questions about how to assess, contain, and stop attacks that are still getting through.  We believe CounterTack's revolutionary approach to endpoint security is a perfect complement to our current network-based solutions and will provide our customers with the critical intelligence needed to stop attacks."

“The ability to identify advanced attacks is essential. But that is only half the security battle,” said Neal Creighton, CEO, CounterTack. “The capability to minimize the impact of an attack by limiting its length or ‘dwell time’ in a system by actively engaging with attackers is now essential in limiting potential damage, understanding what the attacker is doing and targeting, and ultimately, diverting the attacker from production assets. The rSolutions and CounterTack partnership will provide companies with the tools and intelligence they need to identify and understand advanced attacks – empowering them to actively defend their businesses.”

About rSolutions

rSolutions is a boutique Information Secuirty firm providing enterprise security solutions and professional consulting services. As a results-driven organization, we help our customer’s meet their business objectives. A partner of several industry leaders, such as CounterTack, Splunk, FireEye, Qualys, Mobile Iron, Guidance Software and Accellion, rSolutions offers a suite of security assessment services including vulnerability assessments, penetration testing, web application testing and more. To learn more, visit www.rsolutions.com.

 

CIO Today: Google Reports Iranian Phishing on Eve of Elections

Google has been reporting on phishing activity out of Iran since 2011. Jennifer LeClaire reports on CIO Today that the latest phishing campaigns are likely tied to the Iranian presidential election. According to Sean Bodmer, chief researcher of CounterTack, “There are always observable traits and effects in every campaign, incident or attack that infer the possible aggressor, and it would appear that political implications and motives may indeed be one of them in this particular case.”

Dark Reading: 12 Endpoint Security Myths Dispelled

Ericka Chickowski reports on Dark Reading: 12 Endpoint Security Myths Dispelled . There are plenty of misapprehensions and delusions about endpoint security receive little attention from security pundits. Sean Bodmer, chief researcher for CounterTack, weighs in on two of them – AV Is Outdated And Useless, and Some Endpoints Aren’t Important Enough To Be Attacked.

Credit Union Times: Threat of the Week: DDoS For Hire on the Rise

Chief Researcher for CounterTack, Sean Bodmer, provides commentary in Robert McGarvey’s story in Credit Union Times, Threat of the Week: DDoS For Hire on the Rise, on the growing business of DDoS for hire and the threat it poses to financial institutions.

Network World: Products of The Week 5.20.13

Network World’s Products of The Week 5.20.13 reviews the launch of CounterTack Scout 4.0. Key Features: A cyber defense solution utilizing Deep System Inspection enables organizations to detect, assess and respond to advanced threat attacks. New Stealth Agent powers active defense solutions, including next-gen honeynets.

Dark Reading: CounterTack Announces Scout 4

CounterTack, the industry's first and only provider of in-progress cyber attack intelligence and response solutions, today announced the next generation of CT Scout (formerly Event Horizon), a cyber defense solution utilizing Deep System Inspection that enables enterprise and government organizations to detect, assess and respond to advanced threat attacks.

...

"Today's organizations have largely accepted the fact that attackers are getting into their networks – that it's no longer a question of 'if' but 'when'," said Neal Creighton, CEO, CounterTack. "With the next generation of CT Scout, CounterTack enables organizations to implement active defense strategies, with rapid deployment honeynets and targeted production system monitoring."

Read more >

CounterTack Announces Scout 4

New Stealth Agent Enables Active Defense

WALTHAM, Mass. (May 8, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the next generation of CT Scout (formerly Event Horizon®), a cyber defense solution utilizing Deep System Inspection that enables  enterprise and government organizations to detect, assess and respond  to advanced threat attacks.

Available now, Scout 4 introduces a new kernel-level Stealth Agent, which along with an enhanced analysis engine, enables active defense solutions against in-progress attacks. In a world where it is widely accepted that advanced threats continue to bypass security defenses, the ability to detect and respond to in-progress attacks is critical to reducing the attack dwell time – the time available for attackers to operate on the network and cause damage.

“After establishing a beach head, attackers move laterally through networks to identify and exploit targets, often for extended periods of time,” said former global CISO for BAE Systems, Eric Noonan, now CEO at CyberSheath Services International. “Getting visibility into these behaviors is critical to mounting timely countermeasures and minimizing damage.”

The new agent-based sensor architecture enables CT Scout 4 to support rapid and flexible deployment options that enable customers to implement active defenses and reduce attack dwell time. Deployed on both physical and virtual devices, the Stealth Agent provides great flexibility in deploying next-generation honeynets that not only help detect unknown threats, but also provide the intelligence on attacker means and motives necessary for implementing effective active defense countermeasures. The Stealth Agent can also be deployed directly on production systems as part of active defense strategies to accelerate countermeasures. 

“Today’s organizations have largely accepted the fact that attackers are getting into their networks – that it’s no longer a question of ‘if’ but ‘when’,” said Neal Creighton, CEO, CounterTack. “With the next generation of CT Scout, CounterTack enables organizations to implement active defense strategies, with rapid deployment honeynets and targeted production system monitoring.”

CEOCFO Magazine: Q&A with CounterTack CEO Neal Creighton

This Q&A article with CounterTack’s CEO Neal Creighton reviews how cyber attackers are still penetrating the most sophisticated, layered defenses. CounterTack is leading the way in new solutions for in-progress deeper security intelligence monitoring and faster attack response.With Cyber Attackers Still Penetrating the Most Sophisticated, Layered Defenses, CounterTack is Leading the Way in New Solutions for In-Progress Deeper Security Intelligence Monitoring and Faster Attack Response.With Cyber Attackers Still Penetrating the Most Sophisticated, Layered Defenses, CounterTack is Leading the Way in New Solutions for In-Progress Deeper Security Intelligence Monitoring and Faster Attack Response.

Infosecurity Magazine: Syrian Electronic Army Hacks AP; DOW Briefly Tumbles

Infosecurity Magazine reviews the hack of the Associated Press Twitter account that led to false tweets about explosions at the White House and subsequently almost instantly wiped $136 billion off the DOW. In the story, Syrian Electronic Army Hacks AP; DOW Briefly Tumbles, Sean Bodmer, chief researcher for CounterTack, puts the hack down to a retaliatory PsyOps operation. (If correct, the clear implication is that SEA is engaged in pure and simple cyberwarfare against the US.)

IT Business Edge: The Downside of Twitter

In this story on IT Business Edge, The Downside of Twitter, Sue Marquette Poremba reported on the Twitter hack involving the Associated Press handle. CounterTack Chief Researcher Sean Bodmer weighs in, “I would wager this was meant to harm our International platform and partners as I am sure similar events occurred in March the Syrian President had to respond and recover from. Social Engineering has been in use for decades and there are numerous effects, just like the Dow Jones dropping this afternoon in the wake of the AP Tweet. There were also numerous calls across the world attempting to verify and validate the AP (a trusted group) story. Moreover, this took away from U.S. action items for the day to respond to the flood of requests.”

CounterTack Partners with Preventia to Provide Advanced Malware Analysis Internationally

Closing the Detection Gap on the International Stage

WALTHAM, Mass. (April 23, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced its first international customer and strategic partner –  Preventia, a leading IT security specialist, boutique integrator and professional services provider in London.

Cyber attackers target organizations’ most valuable corporate information. Despite advancement in security technology there is still a detection gap, with cyber attackers outpacing cyber defenses. And, there is a growing need in the UK and European market for solutions to help companies close that detection gap.    

“We see a clear opportunity to introduce new technology in the UK and Europe that helps companies better understand the security challenges facing them – and gives them the intelligence they need to address them. That’s where CounterTack comes in,” said Nick Peaster, Managing Director, Preventia. “We’re excited to partner with CounterTack because they solve problems in ways that no other company currently can. Together, Preventia and CounterTack will provide the innovative solutions enterprise companies need to detect breaches early and protect their proprietary information.”

This partnership signifies CounterTack’s first major move into the internal cyber security marketplace. In addition to deploying CounterTack Scout for monitoring and protecting its own network and systems, Preventia will represent CounterTack’s full suite of products in the UK and its existing customer base.  Preventia’s customers include some of the UK’s largest and most prestigious companies, including banks, gaming companies, and retailers.

“Invasive network, workstation and server attacks aren’t unique to this side of the pond. CounterTack’s partnership with Preventia signifies the increasing worldwide demand for solutions such as Scout and Sentinel,” said Neal Creighton, CEO, CounterTack. “We’re excited to partner with Preventia. Its reputation as a provider of new, innovative technologies makes it a great choice for our first international partner.”

Preventia will be exhibiting at Infosecurity Europe April 23 – 25, 2013 at Earls Court Exhibition Centre in London. Stop by Stand E22 to learn more about CounterTack’s full suite of products available through Preventia.

Join Us at IANS Information Security Forum - Deep System Cyber Intelligence

IANS: Information Security Forum
April 29-30 - Roosevelt Hotel, New York

CounterTack is pleased to be a Sponsor of the IANS Information Security Forum, April 29-30 in New York.

IANS NY Information Security Forum

The IANS New York Information Security Forum brings together experienced IT and information security practitioners for confidential information sharing on the industry's most important issues, technologies, and trends. 

We hope you can join us at one of the four Technology Spotlight Sessions we will be hosting during the show:

  • April 29th: 11:05 am-11:40 am and 11:50 am-12:25 pm
  • April 30th: 2:20 pm-2:55 pm and 3:05 pm-3:40 pm
These sessions feature a live demo of CounterTack Scout, the first commercially available solution, using CounterTack’s patented Deep System Inspection technology. Our unique, high-speed technology performs continuous, instruction-level monitoring of guest memory and invisibly collects data on attacker activity.

Learn more about the IANS New York Forum >

Contact us if you'd like to set up a meeting during the event. 

Learn more about CounterTack Scout >

Learn more about CounterTack's Continuous Monitoring via NextGen Honeynets >

 



Join Us at Infosecurity Europe 2013 with Our Partner Preventia

Infosecurity Europe 2013: Secure Thinking - Secure Working 

April 23-25 - Earls Court Exhibition Centre - 
London UK

Visit us in the Preventia Limited Booth (Stand E22)

CounterTack is pleased to be joining Preventia at the upcoming Infosecurity Europe, April 23-25 in London.

Are you ready for the information security challenges the future holds? The 18th Infosecurity Europe is Europe’s largest Information Security industry gathering. Featuring over 350 exhibitors, the most diverse range of new products and services, an unrivalled education programme and 12,500 unique visitors from every segment of the industry.

Keynote speakers include representatives from FBI • Dyson • TNT Express • Scotia Gas Networks • Channel 4 • Ofgem Metropolitan Police • Monster Worldwide • Information Commissioner's Office • EMI Music • EasyJet • Sapient, and more.

Learn more about the Infosecurity Europe event >

Contact us if you'd like to set up a meeting during the event. 

Learn more about CounterTack's Continuous Monitoring via NextGen Honeynets >

 

 

CounterTack Announces Stateful Compromise Indicator Support in CT Scout

Automating Detection and Diagnosis of Advanced Cyber Attacks to Accelerate Active Defense Processes

WALTHAM, Mass. (April 8, 2013) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, announced today that its cyber threat intelligence product, CT Scout, will support the company’s new Stateful Compromise Indicator (SCI) technology. SCIs are part of a new layer of automated analysis that classifies attacker behavior, delivering immediately actionable intelligence in next-generation honeynet applications and reducing overhead in advanced threat analysis applications. 

For years, honeypots have demonstrated their value in detecting zero-day and other undetectable attacks, particularly in the government sector. Though effective, traditional honeypots are difficult to set up and equally challenging to manage. Further, these systems require highly skilled operators to analyze the large volumes of data they generate. CounterTack’s integrated solution represents a significant shift in this model, with CT Scout offering the world’s first enterprise-ready platform for next-generation honeynet deployments. With the addition of SCI support, CT Scout customers can further automate detection and remediation actions, and deploy honeynets more widely without expanding the need for highly skilled security analysts. 

“CounterTack is revolutionizing the honeypot market by applying automation to the detection of advanced threats and making honeynet capabilities accessible to more organizations,” said Neal Creighton, CEO, CounterTack.” The integration of our SCIs with CT Scout demonstrates CounterTack’s commitment to helping enterprise customers save time and money, while doing battle with today’s increasingly sophisticated cyber threats.” 

SCIs, originally developed for the CT Sentinel cyber defense product, enable rapid detection of advanced threats. With the addition of SCIs, first-line security operations center personnel can handle more alerts directly without escalating to threat analysis teams, thereby enabling much wider deployment of honeynet solutions. SCIs also improve the efficiency of threat analysis teams by enabling them to quickly filter out known threats and focus on new threats as they are detected.

SC Magazine: Suspect Everything: Advanced Threats in the Network

Despite their investments in endpoint security systems, Deb Radcliff reports on SC Magazine – Suspect Everything: Advanced Threat in the Network – that organizations are waking up to the ugly truth that they are nearly blind when it comes to advanced attacks and malware lurking in their networks. According to Sean Bodmer, chief research of CounterTack, applying intelligence to data analysis is critical when attackers are adept at outsmarting layers of security.

CounterTack Announces Scout V3.2

Deep System Cyber Intelligence for Next-Generation Honeynets and Advanced Malware Analysis 

WALTHAM, Mass. (February 26, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the next version of CT Scout (formerly Event Horizon®), a cyber intelligence product helping enterprise and government organizations close the Detection Gap.

The CounterTack Scout product offers a unique platform for next-generation honeynet deployments as well as advanced malware analysis. A self-contained appliance with a multi-blade virtual machine (VM) architecture, CT Scout supports a range of honeynet configurations, from single honeypots in sensitive network areas to networks of honeynet systems deployed throughout enterprise networks to improve detection coverage and perceptual consistency. 

“It's fair to say that many of us want to see what the bad guys are up to, how they’re coming after us, and what they’re coming for, but we certainly don’t want to let them into our production systems to watch them work,” said Christian Seifert, CEO of The Honeynet Project. “If your job is to protect your assets, there's no better way to keep abreast of what the bad guys are up to than to watch them work, and honeynets give us a way to do that in a lower risk setting.”

CounterTack’s CT Scout appliance also provides a safe way to detonate malware for detailed analysis.  When configured as a closed protected environment, the CT Scout VM architecture supports configurations of exact Windows and Linux production-system replicas, including network connectivity.  By leveraging CounterTack’s patented Deep System Inspection technology, CT Scout provides unique visibility into previously undetectable malware behaviors. 

“You can’t protect against what you can’t see,” said Sean Bodmer, Chief Researcher in the CounterTack Cyber Counterintelligence Research Lab. “The kind of intelligence we’re gaining with Deep System Inspection on CT Scout is what enabled us to figure out how to detect Red October and other advanced threats.”

CT Scout V3.2 will be available for sale in March 2013 and is being demonstrated at the RSA Conference this week at CounterTack’s booth #2533.    

OpenDNS Hosts 'Off-RSA' Security Research Demo Event

CounterTack, CrowdStrike, GFI Software, Norman, Oriza Technologies, Security Information Exchange, ThreatGRID and OpenDNS to Showcase Leading-Edge Cyber Security Technology

SAN FRANCISCO, CA--(Marketwire - Feb 26, 2013) - OpenDNS, the world's leading provider of cloud-delivered Internet security solutions, today announced that it will host a demo event with some of the most innovative names in Internet security research.CounterTackCrowdStrikeGFI SoftwareNormanOriza TechnologiesSecurity Information Exchange (SIE), ThreatGRIDand OpenDNS's Umbrella Security Labs will demonstrate their data-mining research technologies on February 26 at OpenDNS's headquarters in San Francisco.

This 'off-RSA' event offers a unique venue for security researchers to get a close-up view of network security research tools in an informal setting. Attendees will have the opportunity to have intimate dialogues with others within the Internet security community about Big Data mining, cyber security threats, and the trends and technologies shaping the new world of Internet security.

"The recent string of cyber security attacks into the New York Times, Wall Street Journal and Twitter underscores the need for Internet security technology and research to transform from reactive to predictive," said Dan Hubbard, CTO of OpenDNS. "This paradigm shift is possible with technology innovation and collaboration within the security research community. We are looking forward to a night of idea-sharing with some of the best security technologists and researches on the planet."

At the event, OpenDNS will demonstrate its new Umbrella Security Graph, which has leveraged Big Data to discover different attributes, locations, and domains connected with the recently uncovered 'Red October' attacks. With the Umbrella Security Graph, OpenDNS can now deliver predictive Internet security protection to its customers by combining the company's indexed and cross-referenced data with real-time cyber intelligence scoring and threat classification.

The event will also showcase security technologies and research tools from the following companies.

CounterTack provides in-progress cyber attack intelligence and response solutions that enable enterprise and government organizations to combat advanced targeted attacks with Deep System Inspection solutions. The company will demo CT Scout, a cyber intelligence product that helps enterprise and government organizations close the Detection Gap.

CrowdStrike is a security technology company focused on identifying and preventing damage from targeted attacks. The company will demo CrowdRE, a free community tool that allows security researchers and analysts to collaborate on reverse engineering by leveraging crowdsharing to reduce repetitive work by multiple analysts.

GFI Software specializes in the discovery and analysis of dangerous vulnerabilities and malware. The company will demo GFI Sandbox™, a malware analyzer that cyber-security professionals can use to analyze files and URLs for potential threats within a monitored environment, remediate them and deploy the appropriate defenses swiftly to prevent future attacks.

Norman is a global leader and pioneer in proactive security software solutions and forensics malware tools. The company will demo Norman Malware Analyzer G2, which enables IT and security teams to run suspicious artifacts through the award-winning Norman SandBox®, and concurrently analyze the code in Norman's virtualized IntelliVM modules.

Oriza Technologies is a stealth mode start-up developing ground breaking technology to personally identify, and track malicious actors in real time across the Internet.

Oriza's founders are proven world leaders in cyber criminal attribution and prosecution.

Internet Systems Consortium operates the Security Information Exchange (SIE), a trusted, private framework for information sharing in the Internet security field between network operators, law enforcement, security companies and researchers. The organization will demoDNSDB, a database that stores and indexes both the passive DNS data available via ISC's Security Information Exchange as well as the authoritative DNS data that various zone operators make available.

ThreatGRID enables organizations to identify and analyze malicious software on their infrastructure more easily and accurately and in turn to remediate their systems more effectively. The company will demo its ThreatGRID Malware Threat Intelligence Platform Service, a ground-breaking threat intelligence content platform that combines proprietary malware analysis and near real-time actionable threat intelligence to provide insight into global malicious activity for sophisticated customers.

About OpenDNS
OpenDNS is the world's leading provider of Internet security and DNS services, enabling the world to connect to the Internet with confidence on any device, anywhere, anytime. OpenDNS provides millions of businesses, schools and households with a safer, faster and more intelligent Internet experience by protecting them from malicious Web threats and providing them control over how users navigate the Internet, while dramatically increasing the network's overall performance and reliability. The company's cloud-delivered Umbrella security products protect enterprise users from malware, botnets and phishing regardless of location or device. At the heart of all OpenDNS services is the OpenDNS Global Network, the world's largest Internet-wide security network, securing 50 million active users daily through 12 data centers worldwide. For more information, please visit: www.opendns.com.

CounterTack Announces Sentinel

 Expanding the Deep System Inspection Product Portfolio with Production System Monitoring

WALTHAM, Mass. (February 25, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the expansion of its product portfolio with CT Sentinel, a cyber defense product aimed at closing the Detection Gap on production systems.  As part of this portfolio expansion, the CounterTack Event Horizon® product is being rebranded as CT Scout. 

The CounterTack Sentinel product applies Deep System Inspection technology to monitoring production systems. Sentinel is based on a new agent implementation of Deep System Inspection and new Stateful Compromise Indicator (SCI) technology. Together, they enable detection of previously undetectable attacks on production systems. 

“It turns out that when we studied advanced attacks at a low enough level in the operating system layer, there was quite a bit of commonality in the behaviors,” said Sean Bodmer, Chief Researcher in the CounterTack Cyber Counterintelligence Lab. “We turn the attack intelligence from our analyses into SCIs, which retain all the state change information in the attack storylines, to detect these attacks with very high fidelity.”

CT Sentinel will be available for sale later this year. It is being deployed in a joint development program with select CounterTack design partners that will begin March 2013. The design partners represent a range of large-enterprise industry segments and are market leaders in cyber security incident response and operations.  Given the large number of targeted attacks aimed at their companies, a major benefit of the program will be the creation of SCIs for the latest sophisticated custom attacks. 

“We’re very pleased that we have been able to attract some of the best and brightest cyber security practitioners in the industry,” said Neal Creighton, CounterTack CEO. “We know our design partners are very busy confronting ever-increasing attack volumes, so we appreciate their commitment to work with us on advancing the state of the art in cyber defense.”

CT Sentinel is being demonstrated at the RSA Conference this week at CounterTack’s booth #2533.

CounterTack and Cymbel Partner to Provide Next-Generation Enterprise Cyber Defense Solutions

Closing the Detection Gap with Patented Deep System Inspection Technologies

WALTHAM, Mass. (February 15, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced a strategic partnership with Cymbel Corporation, a provider of next-generation defense-in-depth for information security.

Today’s highly motivated and persistent cyber attackers specifically target enterprise organizations’ trade secrets, source codes, sales proposals and other valuable corporate information. Despite massive investments and continuing advancements in security technologies, the detection gap persists, with cyber attacker innovations outpacing cyber defenses. 

“Today’s reality is there is no such thing as 100 percent prevention, and targeted attacks against the enterprise are inevitable,” said Bill Frank, Principal, Cymbel Corporation. “By joining forces, Cymbel and CounterTack are bringing powerful solutions to market to detect compromised systems early in the ‘kill chain’ before confidential data can be exfiltrated.”

With this partnership, Cymbel is leveraging CounterTack’s patented Deep System Inspection products to enhance its unique Zero Trust approach that protects critical enterprise assets while cost-effectively meeting compliance requirements. CounterTack’s Deep System Inspection products monitor file, network and process activities deep within the operating system layer. The company’s patented monitoring and intelligence gathering technology provides a new dimension of visibility into the multitude of previously undetectable attacks, including the problematic custom targeted attacks.

“Security teams must equip themselves with real-time situational awareness to identify, understand and combat today’s highly innovative attackers,” said Neal Creighton, CEO, CounterTack. “We are pleased to be partnering with Cymbel to bring our unmatched cyber attack detection capabilities to enterprise customers with a comprehensive solution that integrates seamlessly with existing incident response processes.”

About Cymbel

Cymbel Corporation is an IT Solutions Provider, 100 percent focused on security and compliance. Founded in 2000, Cymbel is headquartered in Newton, Mass., with branches in Connecticut, New York, and New Jersey. Cymbel helps enterprises (1) mitigate the risks of confidential data breaches using a Zero Trust approach, and (2) safely enable new business initiatives, partnerships, processes, applications, and technologies such as Web applications, social media, mobility, virtualization, and cloud.

CounterTack CEO Neal Creighton to Present at AGC West Conference on February 25

Showcasing Newly Patented, Deep System Inspection Technology at AGC, RSA Conferences

WALTHAM, Mass. (February 7, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that CEO Neal Creighton has been invited to present at America’s Growth Capital (AGC) Ninth Annual West Coast InfoSec and Technology Growth Conference on Monday, February 25, at the Westin San Francisco Market Street.

The AGC Conference will showcase the most innovative emerging growth companies, and feature dynamic panel discussions and presentations delivered by industry luminaries and leading executives of public and private information security enterprises. At the conference, Creighton will discuss the widening Detection Gap problem and how CounterTack’s innovations in deep system inspection technology are helping to close the Gap.

During the week of February 25 – March 1, AGC participants who are also attending the RSA Conference will be able to see demonstrations of CounterTack products at booth #2533. CounterTack will have a strong presence at the RSA Conference, showcasing next-generation cyber defense solutions based on its patented deep system inspection technology.  

CounterTack will also feature two book signing events at the RSA Conference at booth #2533. 

  • A visible authority on the frontlines of cyber security, CounterTack Chief Researcher Sean Bodmer will share in-depth counterintelligence tactics to fight cyber espionage from his book, Reverse Deception: Organized Cyber Threat Counter-Exploitation, on Tuesday, February 26, at 1:00 – 2:00 p.m. PST.

  • Acclaimed author, CounterTack Board Member and Cylance CEO & President Stuart McClure will showcase his latest book, Hacking Exposed: Network Security Secrets & Solutions, which has been translated into more than 30 languages and is the definitive best-selling computer security book, on Thursday, February 28, at 11:00 – 11:45 a.m. PST.

Register here to schedule a one-on-one meeting with CounterTack experts during RSA Conference 2013.

CounterTack Detects “Red October” Attack within First 90 Seconds of Infection

CounterTack to Demonstrate Deep System Inspection Capabilities at RSA Conference 2013 

WALTHAM, Mass. (February 4, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that its Cyber Counter-Intelligence Research Lab has successfully detected a “Red October” malware attack within 90 seconds of infection of a victim system via CounterTack’s Stateful Compromise Indicators (SCIs).

“Red October,” the notorious, highly organized cyber espionage campaign first investigated and reported by Kaspersky Labs, has infiltrated the networks of governments and enterprises in numerous regions, particularly Eastern Europe, former states of the Soviet Union and Asia, largely targeting sensitive government, diplomatic and scientific research information. Beginning in 2007, many Red October campaign components went undetected by anti-virus programs for months and even years after infection.

“Through the use of armoring techniques, which focus on evading and silently disabling host-based security systems, the Red October campaign operated undetected for several years by simply re-purposing the same crimeware tools over and over again,” said Sean Bodmer, chief researcher, counter-exploitation intelligence, CounterTack. “Today’s cyber battle is not only against the advanced crimeware itself, but also against the evasion and exploit techniques employed by the sophisticated architects behind these tools. The Red October campaign sheds light on a larger underlying issue: the widening detection gap, which is being driven by attacker innovations such as armoring.”

Through the expanded usage of next-generation honeynets, CounterTack is poised to deliver a series of innovations aimed at closing the detection gap. Over the next month and at the upcoming 2013 RSA Conference in San Francisco, Calif., CounterTack (booth #2533) will unveil:

  • The most recent findings from CounterTack’s Cyber Counter-Intelligence Research Lab – including the successful detection of Red October malware and other targeted attacks;
  • Newly patented technology that enables monitoring from deep within the operating systems of actual production assets to detect previously undetectable attacks;
  • Two new, game-changing solutions focused on deep system inspection and new Stateful Compromise Indicators, purpose-built to narrow today's existing detection gap.

To schedule a one-on-one meeting with CounterTack researchers during RSA Conference 2013, please visit here.

PC Mag: Dotcom's Mega: Privacy And Security Woes

In this article from Max Eddy on PC Mag’s SecurityWatch blog, Dotcom’s Mega: Privacy and Security Woes, CounterTack Chief Researcher, Sean Bodmer, weighs in on Mega’s encryption systems.

DailyTech: 'BYOD' Issues Creating Headaches In The Enterprise

Michael Hatamoto reports on DailyTech, ‘BYOD’ Issues Creating Headaches In The Enterprise. BYOD policies can open the door to costly security issues and loss of productivity. Late last year, a CounterTack survey of IT security officials revealed that most companies are clearly unprepared to tackle BYOD policy.

Boston Business Journal: CounterTack Gets First Patent For Cyber Attack Protection Software

The Boston Business Journal highlights CounterTack’s first patent for cyber attack detection: CounterTack Gets First Patent For Cyber Attack Protection Software. CounterTack Event Horizon software allows for data collection and intelligence gathering from within operating systems. It targets enterprise and government organizations at the risk of advanced, targeted threats.

CounterTack Awarded Patent for Next-Generation Cyber Attack Detection Technology

Looking Deeper into Operating System Behavior to Detect the Undetectable 

WALTHAM, Mass. (January 18, 2013)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that the U.S. Patent and Trademark office has allowed the patent application for its unique cyber attack detection technology, which was developed at the company’s research and development center in Santa Monica, Calif.

“Facing the cyber arms race of this generation’s Cold War, we started with a vision that the industry needed new approaches for cyber security based on a better understanding of the attacker,” said Alen Capalik, CounterTack founder. “It’s gratifying to achieve this major milestone on our journey to help make the network, where we now all live, work and play, a safe place.”

CounterTack developed a new approach that enables data collection and intelligence gathering from deep within operating systems. Monitoring at a deeper level of the network and system architecture has demonstrated a new level of behavioral analysis that enables detection of previously undetectable attacks, such as polymorphic and armored malware, directed and personalized attacks and non-malware attacks, including those from insider threats. 

“The detection gap is as wide as ever despite continuing advancements and investments in cyber security solutions,” said Neal Creighton, CounterTack CEO. “We are very pleased to receive this patent for one of our innovations that is helping to close the gap, and which is already proving its value in next-generation honeynet solutions for major customers around the world.” 

The Washington Times: Glitch Imperils Swath Of Encrypted Records

A widely used method of computer encryption has a little-noticed problem that could allow confidential data stored by almost all Fortune 500 companies and everything stored on U.S. government classified computers to be “fairly easily” stolen or destroyed.

The warning comes from the inventor of the encryption method, known as Secure Shell or SSH.

...

As a teenager in the 1990s, Sean M. Bodmer hacked government computers and was arrested by the FBI. Today, he is a top researcher at the computer security firm CounterTack, based in Waltham, Mass.

“It’s quite horrific what access you can get with an SSH key,” Mr. Bodmer told The Times.

Mr. Bodmer described how a hacker could use abandoned keys to move through a supposedly secure computer network by hopping from server to server.

“It’s a domino effect” security breach, he said.

Read More >

eWEEK: DOE Cyber-Security Audit Shows Incident Reporting, Management Hurdles

An audit of the Department of Energy's Cyber Security Incident Management Program found that duplicative efforts and the inconsistent reporting of cyber incidents are challenging security management.

...

Government reporting and accountability of compromises, incidents and loss of protected networked knowledge remain disjointed and inadequate, according to Sean Bodmer, chief researcher at security vendor CounterTack.

The biggest issues are not the incident responders in the trenches who want to honestly do their jobs, but almost always one of the typical political or policy challenges that "plague the Information Assurance and Security professionals working for and in the U.S. government," he said.

Read More >

Clearance Jobs: Cybersecurity News Round-Up: Targeted Cyber Attack Poses ‘Credible Threat’ To U.S. Banks

The financial industry must prepare for a “mass fraud campaign” that will target 30 of the United States’ banks by spring 2013, according to a new report.

Less than three months after news surfaced that massive denial-of-service cyber attacks shuttered the websites of some the nation’s most prominent banks, including Bank of America and JPMorgan Chase, a new report from security firm McAfee advises that there is still a “credible threat.”

...

 “Coordinated campaigns targeting financial services organizations are not novel, and have been in play since well before 2010,” Sean Bodmer, chief researcher at cyber attack intelligence firm CounterTack told ClearanceJobs in a statement. “What’s new and most interesting is the mass profit sharing model being trumpeted.”

 “It would seem that the criminal underground is maturing at a much faster pace than world governments believe,” he added.

Read More >

IT Business Edge: Banking Industry Must Remain On Alert For DDoS Attacks

In the days after the election, I saw a headline fromThe Onion making the social media rounds that read, “Nation Horrified To Learn About War In Afghanistan While Reading Up On Petraeus Sex Scandal.”

There are three points made in that headline. First, America loves its sex scandals and meaty gossip about people they’ll never actually know — a lot. Second, the media have done a really horrible job covering the war in Afghanistan. Third, we tend to forget about important things if they aren’t making headlines every day. It is the third point that I want to focus on here.

...

Thing is, even when the attacks against the banks were initially announced earlier this year, it was still old news, according to Sean Bodmer, chief researcher at CounterTack, who told me:

"Coordinated campaigns targeting financial services organizations are not novel, and have been in play since well before 2010. Banks have been targeted for years, by carders and crimeware operators alike. Almost every black-market forum has a Web-inject that will steal user credentials from top financial services organizations. It’s old news, really. What’s new and most interesting is the mass profit sharing model being trumpeted – it’s very unique at a broad level of operation. Cybercriminal operations and black-market sales have commercially leveraged sales options, such as suggestion/comment forums, service level agreements, an d guaranteed response times. Not to be forgotten are bulk sales discounts of criminal tools, money transfers, product demonstrations, product evaluation periods, and now we’re seeing profit sharing… It would seem that the criminal underground is maturing at a much faster pace than world governments believe."

Read More >

Bloomberg Businessweek: Threatened Cyber Attack On Banks ‘Credible,’ McAfee Says

A cyber fraud campaign targeting U.S. brokerages and banks is a “credible threat,” and at least 500 accounts are vulnerable after early attacks planted software that could help thieves steal money, according to a report released today.

...

While coordinated fraud campaigns against banks aren’t new, the latest threat is noteworthy for the mass profit-sharing model the attackers have proposed, said Sean Bodmer, chief researcher at CounterTack Inc., a computer security firm.

“It would seem that the criminal underground is maturing at a much faster pace than world governments believe,” Bodmer wrote in an e-mail.

Read More >

Network World: Enterprises Are Buying Host-Based Advanced Malware Detection/Prevention Tools To Capture Forensic Data

APTs and advanced malware are having a profound effect on cybersecurity technologies. One notable change is the rise of new Advanced Malware Detection/Prevention (AMD/P) technologies from vendors like Bit9, Bromium, CounterTack, Invincea, Malwarebytes, and Sourcefire that detect and block advanced malware on servers and endpoints.

Aside from acting as another layer of defense, CISOs tell me that these tools provide another valuable security function – they capture host activities (i.e. file downloads, processes, registry settings, network activity, etc.). Some tools also provide analytics while others hand the data to SIEM platforms, cloud analytics, etc. Host behavior data is then used as part of advanced malware detection and also provides basic forensic information for incident response.

Let me step back and bit and provide some context here. Advanced malware circumvents traditional security controls and ends up compromising host computers (mostly endpoints). In spite of the fact that enterprises typically have thousands of Windows PCs, they are virtually blind to what happens on the actual devices. This issue was illustrated in a recent ESG Research survey where security professionals working at enterprise organizations (i.e. more than 1,000 employees) were asked to identify their weakest areas of endpoint security monitoring.

Read More >

Enterprise Systems: Top 3 Trends For Cybersecurity In 2013

What should IT security professionals be watching out for this year? Here are the top three trends they should be paying attention to.

2013 Trend #1: A new emphasis on catching criminals

In 2012, Microsoft inadvertently informed the primary authors and operators of the Zeus and SpyEye crimeware platforms of an upcoming civil lawsuit. A subpoena of the defendants’ Gmail accounts prompted Google to notify the suspects about the lawsuit being issued on behalf of Microsoft and potentially law enforcement. This disclosure, ironically a result of Google’s privacy policy, included the level of attribution that had been collected over years by a working group and independent security researcher. A few months prior, the Koobface gang was outed, prompting criminals throughout the world to begin evaluating their operational security and asking themselves questions about the footprint of their digital identities. In doing so, they began to get smarter -- and harder to isolate.

In 2013, we foresee this trend continuing: international law enforcement agencies and world governments peel apart the Internet in attempts to identify criminals, including digital hacktivists, such as the Anonymous group. For example, if just a fraction of the sum of Anonymous members can be identified and tied to some of the more prevalent threats to e-commerce from 2012, it will only be a matter of time until it becomes easier to attribute specific illegal online activities to these criminals.

Read More >

SearchSecurity: Custom, Targeted Malware Attacks Demand New Malware Defense Approach

Not long ago, an IT security analyst at a major southeast U.S.-based distributor of electronic components spotted some peculiar network activity. The analyst had been evaluating Netflow network traffic data and identified that someone, or something, was conducting periodic scans of large blocks of IP addresses.

"We were breached," said the analyst, whose spoke to SearchSecurity.com under the condition of anonymity. "We found numerous systems infected in one of our warehouses," he added, "as well as our administrative network."

...

There is plenty of anecdotal evidence, as word breaks of a new targeted zero-day attack on a near-daily basis. Additionally, an August survey on targeted attacks by Waltham, Mass.-based vendor CounterTack Inc. revealed that more than half of the 100 infosec executives surveyed said their organizations had targeted in the past 12 months.

Read More >

Computer Technology Review: A New Approach to Cyber Security

Advanced, targeted threats loom over our hyper-connected world, making information security a constant, uphill struggle for enterprise organizations. Intellectual property, personally identifiable information (PII) and financial data are at greater risk than ever before, yet many executives within Fortune 1000 organizations still believe IT security is solely with the security department, and does not warrant the attention of senior executives and the board of directors.

Additionally, many enterprises lack the right tools, training and experience to effectively combat targeted attacks. Today’s advanced and evolving cyber challenges require a new approach and dedicated resources, but many organizations have yet to make a change.

My company, CounterTack, recently commissioned an independent survey of 100 information security executives at enterprise organizations with revenues greater than $100 million, called A Cyber-readiness Reality Check, which reveals a heightened awareness of global threats, but a lack of situational awareness when it comes to their own enterprises. 

Read More >

CounterTack Names Sean Bodmer Chief Researcher, Counter-Exploitation Intelligence

Newly Appointed Executive Brings Depth of Assurance, Detection and Research Experience

WALTHAM, Mass. (November 13, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the hiring of Sean Bodmer as the company’s chief researcher of counter-exploitation intelligence, effective immediately. Bodmer, former senior threat intelligence analyst for Damballa, brings a unique background and industry perspective to advanced threat detection and analysis. Bodmer has been a highly visible authority on the frontlines of cyber security. His experience has ranged from building advanced honeynets and advanced intrusion detection systems to conducting internal research and military intelligence field operations.

“Joining a company like CounterTack, which has built a strong reputation as an innovator in advanced threat detection, was an easy decision,” said Bodmer. “I look forward to enhancing that reputation by advancing and building on the company’s research into threat counter-exploitation intelligence in support of its mission to tackle today’s most daunting organized and persistent threats and their crimeware tools, tactics, and techniques.”

An oft-cited and published cyber security expert, Bodmer has more than 16 years of security assurance experience. As senior threat intelligence analyst for Damballa, Bodmer served as threat intelligence team lead, where he was responsible for leading the counter-intelligence, counter-exploitation, malware analysis, and crimeware infrastructure analysis activities. Prior to his work at Damballa, Bodmer worked in the Washington D.C. metropolitan area for more than a decade supporting U.S. defense and intelligence agencies as a subject matter expert in his fields of practice in computer network defense and exploitation. Bodmer co-authored Hacking Exposed: Malware and Rootkits and Reverse Deception Organized Cyber Threat Counter-Exploitation, both published by McGraw-Hill in 2009 and 2012, respectively.

“Sean’s depth of experience on the frontlines of cyber security research and programming will bring CounterTack customers a deeper understanding of the dangers, permutations and constant evolution of advanced, targeted attacks,” said Neal Creighton, chief executive officer at CounterTack. “His research and industry perspectives will also ensure CounterTack continues building and enhancing our detection capabilities to meet pace with the ever-changing nature of threats from today’s most sophisticated and determined adversaries.”

In addition to heading up CounterTack’s research team and helping to advance the company’s detection capabilities, Bodmer also rounds out a strong bench of company experts and will take an active role in shaping the CounterTack blog and advancing industry discussions around advanced malware threats and detection.

 Survey Results on Security Execs Cyber-readiness

Visit Us at RSA Conference 2013 - Cyber Attack Intelligence

RSA Conference 2013:
Security in Knowledge: Mastering data - Securing the world
February 25 - March 1, 2013 - San Francisco

Visit us in Booth #2533

CounterTack is pleased to be sponsoring the upcoming 2013 RSA Conference, February 25 – March 1 in San Francisco. The RSA Conference convenes thousands of information security professionals who will discover the latest advancements in security technology. Covered topics include: Application Security; CISO Viewpoint; Cloud & Virtualization Security; Data Security & Privacy; Enterprise Defense; Hackers & Threats; Identity and Access Management; Security Trends & Innovation; and much more. 

Don’t miss CounterTack at Booth #2533 – and a chance to win a Vespa Scooter!

  • Check out the latest findings from CounterTack’s Cyber Counter-Intelligence Research Labs – including the successful detection of “Red October” malware and other targeted attacks.
  • Preview patented technology that enables monitoring from deep within the operating systems of actual production assets to detect polymorphic and armored malware to targeted and personalized attacks to non-malware attacks.
  • Demo two new, game-changing solutions focused on deep system inspection and new Stateful Compromise Indicators, purpose-built to narrow today's existing detection.

And don’t miss book signing events at CounterTack’s booth #2533 with leading cyber security researcher Sean Bodmer (Tuesday at 1:00 p.m.) and acclaimed security visionary Stuart McClure (Thursday at 11:00 a.m.)

Attending the show? Contact us to schedule an onsite meeting.

To register for the Conference, please visit the RSA Conference website.  

For Information on our VESPA Giveaway at RSA 2013.

  


CounterTack and CyberSheath Announce New Cyber Security Partnership

Strategic Partnership Introduces Comprehensive Cyber Security and Compliance Solutions to Enterprise and Government Organizations

WALTHAM, Mass. (October 16, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced a strategic partnership with CyberSheath Services International, a new company that bridges the gap between business and IT risk with innovative risk management solutions. 

Through this partnership, CounterTack and CyberSheath combine unique services and solution expertise to help customer organizations effectively combat today’s advanced, targeted cyber attacks. By joining forces, the companies bring to market integrated technology solutions that enable real-time cyber attack intelligence and rich, actionable forensics, while meeting organizations’ business-specific regulatory compliance requirements.

CounterTack’s Event Horizon® is an active monitoring, detection and intelligence platform that enables organizations to identify, disrupt and respond to in-progress cyber attacks. CyberSheath’s comprehensive compliance and threat mitigation services provide joint customers with build-it metrics, enabling them to measure their risk profiles, improve their security postures and deploy resources where they will have the greatest impact.

“CounterTack’s Event Horizon platform for continuous, operating system-level monitoring and detection of in-progress attacks, coupled with CyberSheath’s methodology for quantifying security risk against regulatory compliance, is a powerful force multiplier in risk management,” said Eric Noonan, CEO, CyberSheath.

“In today’s era of highly sophisticated corporate cyber attacks, CounterTack continues to build its strategic network of technology partners, helping us to provide organizations with unmatched attack intelligence and response solutions to meet their unique security needs,” said Neal Creighton, CEO, CounterTack. “The new CounterTack CyberSheath reseller and referral agreement allows us to offer one-of-a-kind cyber security solutions to a far-reaching customer base, and we look forward to a mutually beneficial business partnership.”

About CyberSheath

CyberSheath Services International was founded to fill the leadership void in the cyber security market and replace duplicative and wasteful security practices and technologies with measurably better solutions. The company delivers automated and measurable security programs that quantify organizations’ security posture for their customers and auditors.

 

a5b3ebbc-d5c3-40ca-8a33-b3527544acde

CounterTack Appoints Security Veteran Stuart McClure to Board of Directors

CounterTack Expands Board of Directors with Cylance, Inc. CEO and Former McAfee Global CTO

WALTHAM, Mass. (October 9, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced it has named Stuart McClure, president and CEO of Cylance and former McAfee global chief technology officer, to its Board of Directors. CounterTack provides unprecedented levels of intelligence in attacks currently taking place inside the network perimeter.

“CounterTack is taking a truly unique approach to solving today’s most challenging security problem – advanced, highly targeted attacks that have already infiltrated enterprise networks,” said McClure. “I look forward to working alongside some of the industry’s most innovative security leaders to further accelerate the company’s rapid growth, while bringing to market unprecedented levels of intelligence and visibility into in-progress cyber attacks.”

An acclaimed security visionary, McClure has more than 22 years of technology and executive leadership experience with profound technical, operational and financial expertise. Currently, McClure is the president and CEO of stealth security company Cylance, Inc. McClure most recently served as global chief technology officer at McAfee. Previously, he held positions as executive director of security services for Kaiser Permanente, served as senior vice president of global threats and research at McAfee Labs where he led an elite global security threats team, and was founder, president and chief technology officer of Foundstone (acquired by McAfee in 2004). Widely recognized for his extensive and in-depth knowledge of security, McClure is one of the industry's leading authorities in information security. His first book, Hacking Exposed: Network Security Secrets & Solutions has been translated into more than 30 languages and is the definitive best-selling computer security book.

“Stuart’s deep knowledge of the security industry and seasoned expertise make him a powerful addition to our Board of Directors,” said Neal Creighton, chief executive officer at CounterTack. “His strategic guidance will be invaluable as CounterTack continues to build strong momentum, sparking the revolution the security industry so desperately needs.”

In addition to McClure, the members of CounterTack’s Board of Directors are Retired Admiral William J. Fallon, chairman; Neal Creighton, chief executive officer; Alen Capalik, founder and chief architect; Mark Hatfield, partner at Fairhaven Capital; Christopher Boies, partner at Boies, Schiller & Flexner LLP; and Alex Doll, CEO of OneID.

CounterTack Names New Senior Vice President of Sales

In-progress Cyber Attack Intelligence Provider Appoints Veteran Security Executive to Leadership Team

WALTHAM, Mass. (September 27, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that Kirk Appelman has joined the company as senior vice president of sales. Appelman will be responsible for the direction and management of CounterTack’s sales operations, as well as driving the company’s overall revenue growth.

Specializing in information security for more than a decade, Appelman holds more than 20 years’ experience in technology sales and sales management. He joins CounterTack from Damballa, where he served as vice president of service provider solutions and established the company’s Telco/ISP business, which under his leadership became a substantial piece of the company’s overall revenue. He also established the company’s international presence by signing marquis clients across Europe and Asia. Prior to Damballa, Appelman was a director of sales at Proofpoint, where he restructured and led the successful growth of the company’s business in the Eastern United States. Throughout his career, Appelman has also held sales leadership positions with McAfee, Juniper Networks and Internet Security Systems (ISS).

"Kirk’s proven track record and extensive expertise in the advanced threat market make him an invaluable asset and strong addition to CounterTack’s leadership team," said Neal Creighton, CEO, CounterTack. "By providing unique, real-time analysis of operating system-level functions, CounterTack continues its accelerated growth, offering government and enterprise organizations broad situational awareness of their IT environments coupled with actionable forensics intelligence on in-progress attacks." 


CSO: Vendor Cybercrime Report In The Hot Seat Again

Symantec's Norton group released a new cybercrime study this week that found the average cost of online crime per victim declined during the past year. However, while down, at $110 billion a year that's still a very big global business.

The credibility of studies commissioned by security vendors has been strained of late. While nobody disputes that the cost of cybercrime is well into the billions, a number of critics have charged that such surveys inflate the numbers to scare more people into buying security software.

...

Neal Creighton, CEO of CounterTack, adds that consumers should "only submit personal information on a secure site where the padlock tells them they are secure. For more assurance, look for the green bar in the address window and the padlock -- that tells you that you are on a highly authenticated site."

Read More>

The Mobility Hub: IT Security Unprepared for BYOD

Respondents to a survey commissioned by CounterTack of 100 information security executives were more likely to give themselves a C than an A when asked to grade their own ability to discover in-progress attacks quickly enough to mitigate damage and prevent catastrophic loss.

The respondents work in enterprises with annual revenue of more than $100 million.

About half the respondents said their organization had suffered cyberattacks in the past 12 months, and one-third of those attacked were not confident their company could defend itself against more attacks.

TIME: Winning Cyber Battles Without Fighting

In military operations, good leaders never make a move without the best available intelligence and a strong sense of situational awareness. To do otherwise is tantamount to flying blind, something a good pilot or business leader should avoid.

Unfortunately, too many leaders of industry and commerce seem to be flying blind in today’s cyber domain.

The Cyber-readiness Reality Check,” an independent survey recently commissioned by my company, CounterTack, Inc., reveals that more than one-third of cyber security executives at companies with revenues greater than $100 million are unable to see an attack once it finds its way inside the perimeter of their systems.

Read More >

Bloomberg West TV: Cyber War: Preparing for a Cyber Security Breach

Countertack Chairman Admiral William Fallon discusses who is most vulnerable to cyber attacks. He speaks with Emily Chang on Bloomberg Television's "Bloomberg West."

eWEEK: IT Security Unprepared for Targeted Attacks

Businesses are struggling to prevent targeted security attacks with IT departments that take a protective stance.

Businesses are ill-prepared to detect and stop advanced, targeted security attacks, according to a survey of information security executives at enterprise organizations with revenue greater than $100 million. The study, sponsored by cyber-attack intelligence and response solutions provider CounterTack and conducted by ResearchNow, showed that nearly half the respondents indicated their organizations were attacked within the past year, and one-third of those attacked said they lack confidence in their organizations’ readiness and ability to defend against other attacks.

Read More >

Forbes: Is Your IT Posture That Of A Protector, Detective, or Warrior?

A new survey from CounterTack (download here) has gotten a lot of attentionthis week. The “Cyber-readiness Reality Check” survey is a first-of-it’s-kind exploration and explanation of the state of cyber-readiness inside the enterprise. It reveals and corroborates the anecdotal evidence that many of us have been exposed to. We know that attacks against critical information are on the rise, we read about them everyday. Last year’s successful infiltration of RSA set the stage and the revelation in June by Paul Sanger, writing in the New York Times, that the US and Israel are evidently engaged in crafting advanced malware, have shaken security practitioners to the core of their networks.

Read More >

eSecurity Planet: CounterTack: Enterprises Aren't Ready for Targeted Attacks

A recent CounterTack survey of more than 100 information security executives at enterprises with revenues over $100 million has found that such companies aren't sufficiently prepared to detect and block advanced targeted attacks.

Almost half of survey respondents said their companies had been attacked within the past year, and on third of those that had been attacked said they lacked confidence in their organizations' ability to stop further attacks.

Fully 84 percent of respondents said their companies are vulnerable to advanced persistent threats targeting critical assets such as intellectual property.

Read More >

Computerworld: Security Vendor Exposes Vulnerabilities In DDoS Rootkit

In what it says is an attempt to turn the tables on malicious hackers, security vendor Prolexic on Tuesday released details of vulnerabilities it has discovered in a toolkit family used by hackers to launch distributed denial of service attacks against corporate networks.

The disclosure is designed to give IT security staff information they can use to mitigate attacks launched using the DDoS toolkit, according to Prolexic.

The company's vulnerability report specifically details flaws in the command & control component of the Dirt Jumper DDoS toolkit that has been associated with DDoS attacks recently. The flaws allow "counter-attackers to obtain access to the Command and Control (C&C) database backend, and potentially server-side files," the company noted in a statement.

Read More >

InfoSecurity: Companies Hunker Down In Response To Targeted Attacks

Nearly half of companies have been the victim of a targeted cyberatttack within the past year and most favor adopting a military-style approach to combatting those attacks, according to a survey by CounterTack.

One-third of those companies that were attacked lack confidence in their organizations’ readiness to defend against further aggression, according to the survey of 100 infosec executives at companies with revenues greater than $100 million.

Thirty-six percent of respondents indicated that if an attacker got inside their perimeter defenses and into their networks, they would not be able to see or stop the attack. When asked to grade themselves at discovering in-progress attacks quickly enough to mitigate damage and prevent catastrophic loss, respondents were more likely to give themselves a “C” versus an “A.”

Read More > 

C-SPAN: U.S. Cyber Command Chief Addresses Cyber Operations Conference

The chief of the U.S. Cyber Command believes the country is vulnerable to a massive cyber attack that could come at any time. Gen. Keith Alexander, who also heads the National Security Agency, will speak about cybersecurity at today's cyberspace operations conference hosted by The Armed Forces Communications and Electronics Association (AFCEA).

Gen. Alexander advocates for more cooperation between the military, the government and private companies to protect critical infrastructure such as power plants, water treatment plants, banks and financial networks from cyber attacks.

He recently attended the Defcon convention in Las Vegas, where he encouraged hackers, skilled at finding vulnerabilities in computer network security systems, to join the government in creating a cybersecurity strategy.

A recent survey of private companies, conducted by the cybersecurity company CounterTack, found that businesses favor a military-style cyber strategy. More than half claimed that they have experienced cyber attacks and many complained that they lack the technical skills to protect themselves.

Read More >

IT Business Edge: How Does Your Company View Cybersecurity?

Do you think that cybersecurity is something that only big companies have to worry about or have the budget to handle?

Perhaps those large companies aren’t as prepared as you think. According to a new survey conducted by CounterTack, a provider of in-progress cyber attack intelligence and response solutions, most organizations are ill-prepared to detect and stop advanced, targeted attacks.

Read More>

Security Week: Enterprise IT Talks Proactive Security, But Stays on Defense, Survey Finds

Many large organizations are not confident in their ability to fight off the latest salvos of advanced persistent threats, and are relying on reactive approaches even as they talk about being more proactive, a new survey has found.

The survey, which was conducted in June on behalf of security vendor CounterTack, fielded responses from 100 executives responsible for IT security at companies with more than $100 million in annual revenue. The survey found that 84 percent believe their organizations are vulnerable to advanced persistent threats (APTs) targeting critical assets. What's more, almost half (49 percent) of everyone surveyed said their organization had been attacked within the last 12 months.

Read More >

IT Business Edge: How Does Your Company View Cybersecurity?

Do you think that cybersecurity is something that only big companies have to worry about or have the budget to handle?

Perhaps those large companies aren’t as prepared as you think. According to a new survey conducted by CounterTack, a provider of in-progress cyber attack intelligence and response solutions, most organizations are ill-prepared to detect and stop advanced, targeted attacks.

Read More >

Enterprise Systems: Security Executives Admit They’re Poorly Prepared for Targeted Attacks

In its new Cyber-readiness Reality Check report, security specialist CounterTack points out what many organizations fear: they’re ill-prepared to detect and stop advanced, targeted attacks.

The independent survey of 100 information-security executives at large U.S. enterprises (those with $100 million or more in revenues) conducted in mid-June found that nearly half of respondents admitted that their enterprises were attacked in the past 12 months; a third of those “lack confidence in their organizations’ readiness to defend against further aggression.”

Read More >

CSO: A Few Words on Situational Awareness and Incident Response

Something we're seeing a lot of these days: CSOs displaying plenty of knowledge about the threats out there, but little clue as to how those threats might be in play within their environments. The latest example is in a newly-released report based on a survey of 100 information security executives from enterprises with revenues greater than $100 million.

Let's review the high points, then I'll tell you why, in my humble opinion, this isn't such a bad thing.

Security vendor CounterTack commissioned the survey for use in its "Cyber-readiness Reality Check" report. The survey was conducted online within the United States between June 13 and 20 by ResearchNow. Three-quarters of respondents were CISOs or CSOs. The remaining quarter filled senior-level security roles within their organizations, including IT security engineers, information assurance analysts, security systems administrators, senior IT security consultants or security architects.

Read More >

MarketWatch Radio: CounterTack's Cyber-readiness Reality Check

Half of company executives admit to network attacks over the last year, according to a survey conducted by CounterTack. CEO Neal Creighton talks with Alisa Parenti about the growing -- and changing -- threats companies face.

Listen to the Recording >

CNN: Executives Advocate Military-style Approach to Cybersecurity

A new study being released by a private Internet security company highlights cyberworld weaknesses when it comes to gathering intelligence on hackers and suggests that businesses take a more military-minded approach to defense.

The cybersecurity company CounterTack polled 100 information security executives at companies with revenues greater than $100 million. Nearly half of the respondents said their organization had been the victim of a targeted cyberattack within the past year.

Read More >

Boston Globe: Major Companies Still Vulnerable to Online Data Theft, Report Warns

Despite well-publicized data­ thefts in recent years, major US companies are as vulnerable as ever to hacker attacks, and many executives say their businesses lack the resources to protect themselves, according to a report from the Waltham-based computer security company CounterTack Inc.

CounterTack commissioned a survey of 100 information security executives at companies with revenues greater than $100 million and found that half had dealt with computer network attacks during the previous 12 months.

Read More >

CounterTack’s Independent Survey Finds Growing Awareness for Global Threats Among Security Executives, but Lack of Situational Awareness When It Comes to Their Own Enterprise

More “Cs” than “As” on industry report card, as majority of organizations still rely on outmoded security arsenals to combat targeted attacks

WALTHAM, Mass. (August 13, 2012)CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today revealed findings of an independently commissioned study, which shows organizations are ill-prepared to detect and stop advanced, targeted attacks. One hundred information security executives at enterprise organizations with revenues greater than $100 million were surveyed in the company’s "Cyber-readiness Reality Check.”

Almost half of survey respondents indicated their organizations have been attacked within the past 12 months and one-third of those attacked lack confidence in their organizations’ readiness to defend against further aggression. Eighty-four percent of information security executives believe their organizations are vulnerable to advanced persistent threats (APTs) targeting intellectual property or other critical organizational assets and 44 percent of respondents admitted a lack of time and resources when it comes to dealing with such threats.

“This survey corroborates the anecdotal evidence many of us in the industry are exposed to, which paints a chillingly accurate picture of a growing chasm between executive awareness about the nature of rapidly evolving threats and the available resources to address them,” said Richard Stiennon, chief research analyst, IT-Harvest. “While the willingness of information security executives to explore new ways of dealing with targeted advanced threats in the coming months is an encouraging finding, it’s also evident that economic constraints and outmoded thinking will remain stumbling blocks.”

Four out of five surveyed cyber security executives believe that enterprise could benefit from adopting a military-style approach to security learned from physical battlefields– such as situational awareness and intelligence gathering. However, only 21 percent credited themselves with currently taking a “warrior” stance to cyber defense, using intelligence and real-time situational awareness tactics learned from the military, compared to 58 percent who indicated taking more of a “protector” role when it comes to defending organizational assets.

“The new cyber landscape calls for organizations to recognize that advanced, targeted attacks have moved inside the virtual walls of their networks and that a more anticipatory posture in the face of eventual attacks is required,” said Neal Creighton, CEO at CounterTack. “This CounterTack study clearly shows that the adoption of an active, agile approach based on real-time situational awareness and intelligence will be critical to effectively stopping in-progress cyber attacks.”

Despite the willingness of some security executives to explore new solutions (e.g., 18 percent indicated plans to purchase new cyber intelligence technologies), static, perimeter-centric tools such as firewalls remain the most relied upon security products and nearly one-third of security teams spend more than fifty hours per month studying existing malware permutations to prevent future attacks.

Thirty-six percent of respondents indicated that if an attacker got inside their perimeter defenses and into their networks, they would not be able to see or stop the attack. When asked to grade themselves at discovering in-progress attacks quickly enough to mitigate damage and prevent catastrophic loss, respondents were more likely to give themselves a letter-grade of “C” versus “A.”

To download the entire report and infographic, please visit www.countertack.com/report.

Methodology

CounterTack's "Cyber-readiness Reality Check" report summarizes a survey conducted online within the United States between June 13 to June 20, 2012 by ResearchNow on behalf of CounterTack. Respondents included 100 information security executives at U.S. enterprise organizations, all with revenues greater than $100 million, spanning a number of industries including aerospace & automotive, energy, financial services, government, healthcare, high technology, manufacturing and retail. Three-quarters of respondents were C-level executives — CISOs or CSOs — and the remaining quarter filled senior-level security roles within their organizations, including IT security engineers, information assurance analysts, security systems administrators, senior IT security consultants or security architects.

About CounterTack

CounterTack, the industry’s first and only in-progress attack intelligence and response solution provider, was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ. Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors.

Enterprise Systems: How VM Introspection Transforms Honeynets into Lean, Mean, APT-fighting Machines

Honeynets are an often-overlooked means of defense in today's cybersecurity landscape. The term conjures images of a simpler time when script kiddies holed-up in mom and dad's basement represented the biggest security threat organizations faced online. Honeynets of that bygone era were difficult to set up and equally complicated to maintain.

Beyond operational complexity, honeynets of old weren't very effective. The idea of a honeynet is to dupe an attacker into thinking they've breached a working production asset. However, few were fooled by early versions of these traps; some even managed to infiltrate older honeynets and turn them into launch pads for attack staging. The modest forensics payoff for this potential liability was of limited interest because there was little to no actionable intelligence collected.

" target="_blank">Read More >

CounterTack Featured on WGBH: "CyberSecurity: Defending our Next Battlefield

Hear CounterTack CEO Neil Creighton Discuss Cyber Security at WGBH's Innovation Hub

We lift the veil on cybercrime, which can lead to stolen identities, stolen company secrets — even stolen military secrets.

In an age in which information has become everything — and vast computer networks contain our deepest secrets — we have become trapped by the very machines that we rely on.

So how do you fight back against cybercrime? Can you build walls high enough? What does the battlefield look right now? We ask experts who are in the trenches.

" target="_self">Listen to the Recording >

CounterTack Partners with HP to Enhance Visibility into In-Progress Cyber Attacks

 Event Horizon® achieves HP ArcSight Common Event Format Certification to provide joint customers with real-time, file, process and network forensics data 

WALTHAM, Mass. (April 25, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that it has partnered with HP and received  the HP ArcSight Common Event Format (CEF) certification for its Event Horizon solution. This certification affirms the interoperability of Event Horizon with the HP ArcSight Security Intelligence and Risk Management (SIRM) platform.

With this partnership, intelligence derived from the Event Horizon solution, including file, process and network level activity, can be integrated with an organization’s existing HP ArcSight deployment to further reduce false positives and enhance correlation capabilities between the products.

“Event Horizon uses virtual machine introspection to provide unparalleled visibility into in-progress cyber attacks,” said John Worrall, executive vice president of product management and marketing at CounterTack. “Providing this real-time attack information enhances security event correlation, reduces false positives and provides joint customers with enhanced security operations response capabilities.”

“Trusted interoperability and immediate remediation are critical for customers looking to combat evolving cyber threats head-on,” said Buck Watia, director, Business Development, Enterprise Security, HP. “This interoperability will leverage virtual machine introspection to provide valuable in-progress attack intelligence capabilities for HP ArcSight customers.”

CounterTack’s interoperability with the HP ArcSight correlation engine will add valuable, real-time forensic details, such as the timestamp of the attack, information on the process initiating outbound connection to the remote host, and information on the process modifying files and the process modifying Registry Key values.

Event Horizon utilizes the hypervisor to perform analysis of operating system (OS) level functions that attempt to manipulate file, process and network behavior. This unique execution of applied virtualization enables Event Horizon users to monitor host-based activity without being detected. Machine speed capture of data from the memory of a virtual machine creates rich, actionable intelligence, which includes file, process and network level activity.

About CounterTack

CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ.  Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors. 

FierceCIO: How It Pays to Assume You've Been Attacked

Security gurus in recent years have liked to advise businesses not to ask if their networks will be attacked but rather when they will be attacked. Now, they are recommending that businesses assume they already have been attacked, reports Kelly Jackson Higgins at Dark Reading.

This perspective illustrates a considerable shift in mindset within the security industry, which traditionally marketed defensive tools like firewalls and antivirus programs, Higgins reports. It's a more fatalistic viewpoint, suggesting that we should be focusing not on prevention but on damage mitigation.

" target="_blank">Read More >

Dark Reading: Security's New Reality: Assume the Worst

Tucked away on the sprawling show floor at the recent RSA Conference was a newly commercialized appliance that sits inside the network and spies on attacks already in progress. Its mission isn't to stop the attacker from getting in, but instead to stealthily observe the attacker's moves while gathering intelligence and ultimately containing any damage.

" target="_blank">Read More >

Help Net Security: Security Platform Uses Virtual Machine Introspection

CounterTack announced three new solutions available on Event Horizon, a security platform utilizing virtual machine introspection (VMI), to help organizations identify, disrupt and respond to advanced threats.

Positioned on the hypervisor, Event Horizon's patent pending technology provides undetectable and omnipresent surveillance into guest operating systems and applications, providing real-time analysis of operating system-level functions that attempt to manipulate file, process and network behavior.

Read More>

CounterTack Launches Event Horizon 3.1 Platform and Three Intelligence Solutions Aimed at In-Progress Advanced Cyber Attacks

CounterTack to unveil next generation version of the industry’s only commercially available security platform using virtual machine introspection at booth #845 during RSA Conference 2012

WALTHAM, Mass. (Feb. 21, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced three new solutions available on Event Horizon®, the world’s first commercially available security platform utilizing virtual machine introspection (VMI), to help enterprise and government organizations identify, disrupt and respond to advanced threats. CounterTack will preview these new solutions, along with an enhanced version of the Event Horizon platform, at the RSA Conference in San Francisco next week at Booth #845.

“As enterprise and government organizations adapt to changing cyber enemy skills and tactics, they need to arm themselves with superior intelligence, expert analysis and modern defenses,” said Jon Oltsik, senior principal analyst, Enterprise Strategy Group. “Fueled by covert, high-speed virtual machine introspection technology, CounterTack is well positioned to provide a new class of intelligence and response solutions, helping organizations protect their critical assets from advanced persistent threats.”

Strategically positioned on the hypervisor, Event Horizon’s patent pending technology provides undetectable and omnipresent surveillance into guest operating systems and applications, providing real-time analysis of operating system-level functions that attempt to manipulate file, process and network behavior. CounterTack’s three new solutions complement the Event Horizon platform by continuously monitoring and covertly gathering forensics on an attacker’s lateral movements across three critical domain assets:

  • CounterTack’s Continuous Network Monitoring to Detect Lateral Movement solution enables organizations to detect malicious, lateral movement from the initial host as the attacker conducts network discovery, credential collection and privilege escalation activities to find and access valuable data. Once detected, CounterTack provides a rich set of real-time file, process and network forensics information, enabling organizations to quickly disrupt the attack, harden its defenses and enable precise system remediation.
  • CounterTack’s unique approach to active continuous monitoring at the CPU, memory and process level provides unprecedented protection against malicious behavior in Active Directory, the foundational piece of any organization’s security infrastructure. Holding a comprehensive database of user names, passwords and cryptographic keys, Active Directory provides both a “map” and the “keys” to virtually any resource on an organization’s network. CounterTack offers two solutions to protect an organization’s Active Directory environment.
    • Active Directory Administrator Workstation Monitoring solution detects attacks and unauthorized actions on domain administrator workstations, including malicious software installation and establishment of backdoor connections to command and control servers.
    • Active Directory Domain Controller Monitoring solution detects unauthorized user behavior in Active Directory, and protects against O/S and application-based attacks including attempts to escalate privileges.

At RSA Conference, CounterTack will also unveil its next-generation Event Horizon 3.1, now supporting Windows Server 2008 and the Windows 7 operating system to provide unsurpassed intelligence on in-progress attacks across these environments. 

“CounterTack’s new solutions are built on our proven, innovative cyber security technology powered by virtual machine introspection for the enterprise and government markets,” said Neal Creighton, CEO of CounterTack. “The introduction of Event Horizon 3.1 expands our capabilities to complement our customers’ security infrastructures, adding significant value to existing investments and processes for in-progress incident response.”

About CounterTack

CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ.  Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors. 

 

CounterTack CEO Neal Creighton to Present at the Eighth Annual AGC West Coast Information Security and Emerging Growth Conference

CounterTack to Have Strong Presence During RSA Conference 2012 Week in San Francisco

WALTHAM, Mass. (Feb. 21, 2012) – CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced that CEO Neal Creighton will present at the America’s Growth Capital (AGC) Eighth Annual West Coast Information Security and Emerging Growth Conference on Monday, February 27, at the Westin San Francisco Market Street.

The AGC will showcase the most innovative emerging growth companies in information security, and feature thought-provoking panel discussions and company presentations delivered by senior-level executives of more than 275 leading public and private companies. At the conference, Creighton will present CounterTack’s in-progress attack intelligence and response solutions, born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense.

During the same week at RSA Conference 2012 in San Francisco (booth #845), CounterTack will showcase the world’s first commercially available security platform utilizing virtual machine introspection (VMI), to help organizations identify, disrupt and respond to in-progress cyber attacks.

CounterTack demonstrations at the RSA Conference will educate visitors on a brand new class of intelligence and response solutions. The company’s innovative approach to active, continuous monitoring, fueled by patent pending, covert, virtual machine introspection technology, provides unprecedented O/S level visibility and enables organizations to take control over the impact of a cyber attack – while it’s happening. Booth demonstration participants will be automatically entered to win a Vespa scooter. For full contest details and official rules, please see here.

Additionally, CounterTack board member and renowned cyber security expert Dmitri Alperovitch will present on the following panel presentations during the RSA Conference:

  • Cyber Battlefield: The Future of Conflict (Wednesday, February 29 at 8:00 a.m. in Room 103) This panel will explore complex policy issues tied to conflict in cyberspace, exploring the current state of nation-state espionage, armed reconnaissance and cyber warfare operations, the evolution in strategic cyber deterrence doctrines and review the diplomatic initiatives to establish norms of behavior in cyberspace between U.S., Russia and China.
  • Hacking Exposed: Mobile RAT Edition (Wednesday, February 29 at 10:40 a.m. in Room 132) This panel will explore the seedy underground trade of mobile Remote Access Tools (RATs), detailing real life investigations and demonstrating the latest in Mobile RAT technologies. Prepare yourself for the next wave of attack.

To schedule a one-on-one meeting with CounterTack experts during RSA Conference 2012, please call 781-966-4112. For more information, please visit www.CounterTack.com.

About CounterTack

CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ.  Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors. 

 

CounterTack Appoints Two New Board Members

Dmitri Alperovitch and Alex Doll join CounterTack's Board of Directors to help guide the industry's first and only cyber attack intelligence and response provider

CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced the appointment of industry veterans Dmitri Alperovitch and Alex Doll to its Board of Directors. CounterTack offers the fastest detection and deepest attack intelligence available, enabling customers to take control over the impact of an attack while it’s happening. Last month, the company raised $9.5 million in funding and unveiled a team of experienced information security experts to pave the way in solving the industry’s most critical problem – threats that have already penetrated traditional defense mechanisms to invade government and enterprise networks. “The expansion of CounterTack’s Board of Directors to include Dmitri Alperovitch, a widely respected cyber defense expert and Alex Doll, an acclaimed serial entrepreneur, adds further depth to a team that’s already primed to meet the critical need for enterprise and government organizations to approach security in a completely new way,” said Neal Creighton, chief executive officer, CounterTack. “The far-reaching industry experience and stellar reputations of both made their addition to the board an easy decision.”

Alperovitch is a renowned computer security researcher, thought-leader on cyber security policies and issues and president of Asymmetric Cyber Operations LLC. As former vice president of Threat Research at McAfee, he led the company’s Internet threat intelligence analysis, correlation and visualization. As a recognized authority on online organized criminal activity, cyber espionage, cyber warfare and cyber security, Alperovitch has significant experience working as a subject matter expert with all levels of U.S. and international policy makers, intelligence and law enforcement agencies on analysis, investigations, and profiling of transnational organized criminal activities and cyber threats from terrorist and nation-state adversaries. In 2010 and 2011, Alperovitch led the global team that investigated, brought to light and named groundbreaking cyber espionage intrusions, including Operation Aurora, Night Dragon and Shady RAT. The former research leader at Secure Computing, Alperovitch also serves on the board of the Georgia Tech Information Security Center (GTISC) Industry Advisory Board. He holds a master's degree in information security and a bachelor's degree in computer science, both from Georgia Institute of Technology.

Doll is a seasoned entrepreneur and investor with a solid track record of building and leading high performance teams. As co-founder and former chief operating officer of PGP Corporation, Doll worked closely with the chief executive officer to set the company’s strategy and drive operational goals across all business functions, leading the company’s evolution from inception to a global industry leader in encryption and data protection. Throughout his tenure with the organization, from founding to sale, Doll served as a member of its Board of Directors. The company was purchased by Symantec in 2010. Doll is currently the entrepreneur in residence at Khosla Ventures. Doll has served on the board of Alpha Card Systems, a reseller of security products and video surveillance systems. Prior to co-founding PGP Corporation, Doll was senior vice president of sales, business development and support at Embark, a Web-based recruitment and admissions software company. Previously, he was involved in the strategic planning and execution of corporate partnering and investment programs for PeopleSoft Inc., and he held various positions in the financial services industry in Silicon Valley, including the investment banking group at Robertson, Stephens & Co. and technology research at Dresdner RCM Capital Management. Doll holds a bachelor’s degree in telecommunications systems engineering and a bachelor’s degree in finance from the University of Pennsylvania. He earned his Master of Business Administration from the Stanford University Graduate School of Business.

In addition to Alperovitch and Doll, the members of CounterTack’s Board of Directors are Retired Admiral William J. Fallon, chairman; Neal Creighton, chief executive officer; Alen Capalik, founder and chief architect; Mark Hatfield, partner at Fairhaven Capital; and Christopher Boies, partner at Boies, Schiller & Flexner LLP.

About CounterTack
CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $32 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ. Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors.

CounterTack Secures $9.5 Million Series A Funding to Launch the Industry's First In-progress Attack Intelligence and Response Solution

NeuralIQ rebrands as CounterTack with new investor Fairhaven Capital and newly structured executive leadership team

CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced it has secured $9.5 million in a Series A funding round led by Fairhaven Capital and a private group of investors. Formerly known as NeuralIQ, CounterTack was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. CounterTack offers the fastest detection and deepest attack intelligence available, enabling customers to take control over the impact of the attack while it’s happening.

CounterTack named Neal Creighton as CEO, who will lead a veteran executive leadership team, including founder and chief architect Alen Capalik. John Worrall has been named executive vice president of product management and marketing and John Adams as chief technology officer. Rounding out the executive management team is Robert Potter, senior vice president of sales, and Jim Harrison, chief financial officer. For additional details on CounterTack’s leadership team, please see here.

“CounterTack is the culmination of NeuralIQ’s ground-breaking innovation and advanced development of intelligence and active defense tools for cyber security,” said Neal Creighton, CEO of CounterTack. “By applying virtualization technology to information security, CounterTack will bring to market unprecedented levels of network intelligence to identify and mitigate the impact of in-progress cyber attacks.”

CounterTack’s mission is to solve information security’s most critical problem: threats that have already penetrated traditional, layered defense mechanisms to invade commercial and government networks.

“Today’s most sophisticated cyber threats can easily circumvent the most up-to-date and advanced security solutions currently in the market,” said Retired Admiral William J. Fallon, chairman of CounterTack’s board of directors. “Human attack vectors have rendered the traditional walled-fortress approach to network security about as effective for enterprise as the Maginot Line was during World War Two. For that reason, CounterTack is taking a completely different tack to information security that will offer true visibility into in-progress attacks, while affording targets of cyber crime and espionage an opportunity to actively respond in real-time.”

As former head of both U.S. Central Command and U.S. Pacific Command, Admiral Fallon has gained insight into the role of cyber security in protecting our nation’s most sensitive communications and critical assets.

“Despite $32 billion spent annually on cyber security products, hackers are still getting through the gates, costing business more than $7 million dollars per breach on average,” said Mark Hatfield, partner at Fairhaven Capital. “CounterTack’s application of virtualization technology to information security is about to change that equation dramatically by putting government and enterprise a step ahead of would-be hackers.”

About CounterTack
CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $24 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ. Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors.

CounterTack Announces Newly Structured Executive Leadership Team

Neal Creighton to lead newly launched company; team of veteran cyber defense experts and top executives to offer first and only cyber attack intelligence and response offering

CounterTack, the industry’s first and only provider of in-progress cyber attack intelligence and response solutions, today announced a new executive leadership team. CounterTack named Neal Creighton as CEO, who will lead a veteran executive leadership team, including founder and chief architect Alen Capalik. John Worrall has been named executive vice president of product management and marketing and John Adams as chief technology officer. Rounding out the executive management team is Robert Potter, senior vice president of sales, and Jim Harrison, chief financial officer.

Formerly known as NeuralIQ, CounterTack was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. The newly formed company raised $9.5 million in Series A funding led by Fairhaven Capital and a private group of investors. CounterTack offers the fastest detection and deepest attack intelligence available, enabling customers to take control over the impact of the attack while it’s happening.

“CounterTack is the culmination of NeuralIQ’s ground-breaking innovation and advanced development of intelligence and response tools for cyber security,” said Neal Creighton, CEO of CounterTack. “We have assembled a team of experienced information security veterans to pave the way in solving the industry’s most critical problem – threats that have already penetrated traditional defense mechanisms to invade government and enterprise networks. By applying virtualization solutions to information security, CounterTack will bring to market unprecedented levels of network intelligence to identify and mitigate the impact of in-progress cyber attacks.”

The CounterTack executive leadership team includes:

Neal Creighton, Chief Executive Officer
Creighton has more than a decade of experience in information security, identity verification, Web authentication markets. As co-founder, president and CEO of GeoTrust, Creighton was responsible for providing the leadership, strategic direction and management for the company. Creighton spearheaded GeoTrust strategically and positioned the company for rapid growth. Creighton led the efforts to raise $24 million in venture financing and sold GeoTrust to VeriSign (NASDAQ: VRSN) for $125 million in September 2006. In addition, Creighton led the spin-off of ChosenSecurity from GeoTrust, which was acquired by PGP, Inc. (now Symantec). Creighton was also co-founder and executive chairman of AffirmTrust LLC, which was acquired by a large security vendor in 2011, and co-founder of RatePoint, Inc., which was named MITX 2010 Social Media Company of the Year for New England. Creighton is a graduate of the United States Military Academy at West Point and holds a Juris Doctorate and Master of Business Administration from Northwestern University. He is also the co-inventor of the domain control authentication patent granted in 2006 and was a Massachusetts High Tech All Star 2010, 40 Under 40 award in New England, three-time Ernst & Young Entrepreneur of the Year finalist and 2007 Sale Side Deal of the Year winner for New England from Mass High Tech.

Alen Capalik, Founder and Chief Architect
Capalik believes that information security is an evolutionary arms race and that the key to victory is adaptability. While serving as network and security architect for banks, financial institutions and national exchanges, he realized that designing security systems to predict human behavior in cyber attacks was a losing proposition. Capalik’s passion for meeting unconventional threats with unconventional technology led him to found NeuralIQ, a company dedicated to creating real-time systems that turn the collective intelligence of attackers into a resource that can be used against them. Capalik most recently served as chief technology officer for Tradeware Global, a leading provider of Order Management Systems software on Wall Street. Prior to Tradeware, he served as network and security architect for CollabNet, a venture capital-funded startup focused on open source software development. Before CollabNet, Capalik worked as Network and Security Architect for Barclays Bank.

John Worrall, Executive Vice President, Product Management and Marketing
With more than 14 years in the information security business, Worrall is responsible for driving CounterTack’s product and go-to-market strategies. Before joining CounterTrack, Worrall served as interim chief marketing officer of ActivIdentity. He previously held the position of vice president and general manager of the security information and event management business unit at RSA, the Security Division of EMC. Prior to EMC’s acquisition of RSA Security, he was their senior vice president of worldwide marketing where he led the company’s global, corporate, and field marketing; product marketing and management; and the RSA Conference business unit. Previously, he served as vice president of product management where he directed the development of product strategy and plans for RSA Security’s authentication and access management solutions. A seasoned high technology veteran, Worrall has held numerous leadership roles in sales, marketing, systems engineering and software development. He holds a Bachelor of Arts degree in economics from Saint Lawrence University.

John Adams, Chief Technology Officer, Vice President, Engineering
With more than 30 years experience in information technology, primarily in the areas of networking and security, Adams is responsible for setting and leading the technical direction and product development for CounterTack. Adams has had extensive experience in the development of hardware and software products, as well as the development of managed services. Most recently, Adams worked in the office of the chief technology officer at Symantec. Previously, he served as chief technology officer of PGP, which was later acquired by Symantec. Prior to PGP, Adams held the role of chief technology officer at ChosenSecurity, a public certificate authority that was spun out of the VeriSign acquisition of GeoTrust in 2006, and acquired by PGP in 2010. In this role he was responsible for setting the technical direction for ChosenSecurity and its wholly owned subsidiary TC TrustCenter, which had been acquired by GeoTrust in 2005. Prior to Chosen Security, Adams led a number of high-profile technology and security teams and held senior executive management positions at GeoTrust, RSA Security and Digital Equipment Corporation. Adams graduated from Harvard University with a Bachelor of Arts degree in mathematics, and also holds a Bachelor of Science and Master of Science in civil engineering from Tufts University, and a doctorate in civil engineering from MIT.

Robert Potter, Senior Vice President, Sales
Potter is a proven sales executive with experience building high performance sales team in commercial and US Federal Government markets, with a consistent track record of exceeding revenue objectives. As senior vice president, sales, Potter is responsible for building and managing CounterTack’s sales operations. He most recently served as vice president and director of Federal Security for RSA Federal Operations, EMC Corporation. Under Potter’s leadership his department experienced year-over-year growth as high as 73 percent for four consecutive years. Prior to his work at RSA, Potter was sales director at Digital Harbor. His sales track record includes successful management tenures at Jacada Software, WRQ, Inc. and IBM. He also founded his own startup company, raising $4 million in funding for Sport Tech Solutions, where he developed strategic partnerships with Nike, AT&T, U.S. Olympic Program and the NCAA. Potter earned his Bachelor of Science degree in computer science at Quinnipiac University.

Jim Harrison, Chief Financial Officer
Harrison brings a wealth of experience in financial management and business operations to CounterTack. As chief financial officer, he directs all financial and administrative functions for the organization. A seasoned expert in building the financial foundation for early stage ventures, Harrison has spent the majority of his career serving in executive financial roles at start-up technology companies, and has helped to procure more than $25 million in venture capital funds. By controlling expenses while streamlining sales processes, he has achieved early, positive cash flows, which have resulted in a number of positive liquidation events. Most recently, Harrison served as sales operations leader at EXFO Inc. He previously held the position of vice president and director of business operations at Workscape. Prior to Workscape, Harrison served as chief financial officer and controller at RatePoint. He has also held executive roles at early stage companies including Chosen Security, GeoTrust and CyberTrust. Formally, Harrison served as director of business operations at BBN Genuity. Harrison has completed Master of Business Administration coursework at Babson College and holds a Bachelor of Science degree in accounting from University of Massachusetts Lowell.

About CounterTack
CounterTack, the industry’s first and only in-progress attack intelligence and response solution was born out of the critical need for enterprise and government organizations to approach security in a completely different way – combating advanced persistent threats with a new line of defense. Each year, more than $24 billion is spent worldwide on security technologies, yet motivated cyber attackers are still finding ways to penetrate the most sophisticated, layered defenses. CounterTack solves this problem by offering the fastest detection and deepest attack intelligence available, enabling customers to actively engage with the attacker and take control over the impact of the attack – even while it’s happening.

Founded as NeuralIQ, the company re-launched as CounterTack in 2011, building upon the vision and innovation of NeuralIQ. Based in Waltham, Mass., the privately held company is backed by Fairhaven Capital and a group of private investors.

For Media Inquiries

Please email info@gosecure.net.

View News Mentions from Previous Years:

2018 News Mentions

2017 News Mentions